CN106372547B - Method and system for reading resident certificate card information and resident certificate card reading device - Google Patents

Info

Publication number: CN106372547B
Authority: CN (China)
Prior art keywords: card; resident; resident certificate; certificate card; control device
Legal status: Active
Application number: CN201610780408.4A
Other languages: Chinese (zh)
Other versions: CN106372547A (en)
Inventor: 李明
Current Assignee: Tendyron Corp
Original Assignee: Individual

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06K GRAPHICAL DATA READING; PRESENTATION OF DATA; RECORD CARRIERS; HANDLING RECORD CARRIERS
    • G06K7/00 Methods or arrangements for sensing record carriers, e.g. for reading patterns
    • G06K17/00 Methods or arrangements for effecting co-operative working between equipments covered by two or more of main groups G06K1/00 - G06K15/00, e.g. automatic card files incorporating conveying and reading operations
    • G06K17/0022 Methods or arrangements for effecting co-operative working between equipments covered by two or more of main groups G06K1/00 - G06K15/00, e.g. automatic card files incorporating conveying and reading operations; arrangements or provisions for transferring data to distant stations, e.g. from a sensing device

Landscapes

  • Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • Artificial Intelligence (AREA)
  • Computer Vision & Pattern Recognition (AREA)
  • General Engineering & Computer Science (AREA)
  • Telephonic Communication Services (AREA)

Abstract

The invention provides a method and a system for reading resident certificate card information, and a resident certificate card reading device. The method comprises the following steps: after receiving an operation request sent by a terminal, the resident certificate card reading device starts a card searching process, a card selecting process and a card reading process; while the first resident certificate card verification security control device reads the resident certificate card information, the resident certificate card reading device relays the interaction information between the first resident certificate card verification security control device and the resident certificate card; the resident certificate card reading device receives the resident certificate card information that the first resident certificate card verification security control device sends after reading the information stored in the resident certificate card, and sends it to the terminal. Because every resident certificate card reading device is connected to the first resident certificate card verification security control device, the utilization rate of the first resident certificate card verification security control device is improved.

Description

Method and system for reading resident certificate card information and resident certificate card reading device
Technical Field
The invention relates to the technical field of electronics, in particular to a method and a system for reading resident certificate card information and a resident certificate card reading device.
Background
The existing front-end resident certificate card reading device has at least two modules: a reading module and a SAM (resident certificate card verification security control) module. Because each front-end resident certificate card reading device is provided with its own SAM module, the existing device is expensive to manufacture; moreover, one SAM module can only verify the identity of the resident certificate card information read by one reading module, so the utilization rate of the existing front-end resident certificate card reading device is low.
Disclosure of Invention
The present invention is directed to solving one of the problems set forth above.
The main object of the invention is to provide a method for reading resident certificate card information.
Another object of the invention is to provide a resident certificate card reading device.
Still another object of the invention is to provide a system for reading resident certificate card information.
To achieve these objects, the technical scheme of the invention is realized as follows:
Scheme 1, a method for reading resident certificate card information, including:
Step 1, a terminal sends an operation request to a resident certificate card reading device;
Step 2, after the resident certificate card reading device receives the operation request sent by the terminal, it periodically broadcasts a card searching instruction;
Step 3, the resident certificate card reading device receives a response message returned by the resident certificate card;
Step 4, the resident certificate card reading device judges that the response message is card searching confirmation data for the card searching instruction;
Step 5, the resident certificate card reading device stops broadcasting the card searching instruction and sends a card searching request to the first resident certificate card verification security control device through the network;
Step 6, the first resident certificate card verification security control device receives the card searching request and sends a card searching response to the resident certificate card reading device through the network, wherein the card searching response carries card searching response data;
Step 7, the resident certificate card reading device receives the card searching response sent by the first resident certificate card verification security control device and obtains the card searching response data;
Step 8, the resident certificate card reading device determines that the card searching response data is response data responding to the card searching request, and sends card searching confirmation data to the first resident certificate card verification security control device;
Step 9, the resident certificate card reading device sends a card selection instruction to the resident certificate card;
Step 10, the resident certificate card reading device receives card selection confirmation data sent by the resident certificate card, wherein the card selection confirmation data at least comprises unique identification information of the resident certificate card;
Step 11, the resident certificate card reading device sends a card selection request to the first resident certificate card verification security control device through the network;
Step 12, the first resident certificate card verification security control device receives the card selection request and sends a card selection request response to the resident certificate card reading device through the network, wherein the card selection request response carries card selection request response data;
Step 13, the resident certificate card reading device receives the card selection request response sent by the first resident certificate card verification security control device and obtains the card selection request response data;
Step 14, the resident certificate card reading device determines that the card selection request response data is response data for the card selection request, and sends card selection confirmation data to the first resident certificate card verification security control device;
Step 15, the resident certificate card reading device sends a card reading instruction to the resident certificate card;
Step 16, the resident certificate card reading device receives the card reading confirmation data returned by the resident certificate card;
Step 17, the resident certificate card reading device sends a card reading request to the first resident certificate card verification security control device, wherein the card reading request is used for instructing the first resident certificate card verification security control device to start a process of reading resident certificate card information;
Step 18, the first resident certificate card verification security control device receives the card reading request and starts a process of reading resident certificate card information;
Step 19, while the first resident certificate card verification security control device reads the resident certificate card information, the resident certificate card reading device relays the interaction information between the first resident certificate card verification security control device and the resident certificate card;
Step 20, the resident certificate card reading device receives the resident certificate card information sent by the first resident certificate card verification security control device after the resident certificate card information stored in the resident certificate card has been read;
Step 21, the resident certificate card reading device sends the resident certificate card information to the terminal.
Scheme 2, the method according to scheme 1, wherein the card searching request carries at least first identity authentication data; before the first resident certificate card verification security control device returns the card searching response to the resident certificate card reading device, the method further comprises: the first resident certificate card verification security control device authenticates the identity of the resident certificate card reading device according to the first identity authentication data carried in the card searching request, and executes the step of returning the card searching response to the resident certificate card reading device only if the authentication is passed.
Scheme 3, the method according to scheme 1 or 2, wherein the card searching response carries at least second identity authentication data; after the resident certificate card reading device receives the card searching response sent by the first resident certificate card verification security control device and before the card searching response data is acquired, the method further comprises: the resident certificate card reading device authenticates the identity of the first resident certificate card verification security control device according to the second identity authentication data, and executes the step of acquiring the card searching response data only if the authentication is passed.
Scheme 4, the method according to any one of schemes 1 to 3, wherein the card selection request carries third identity authentication data; after the first resident certificate card verification security control device receives the card selection request and before it sends a card selection request response to the resident certificate card reading device, the method further comprises: the first resident certificate card verification security control device authenticates the identity of the resident certificate card reading device according to the third identity authentication data carried in the card selection request, and executes the step of sending the card selection request response to the resident certificate card reading device only if the authentication is passed.
Scheme 5, the method according to any one of schemes 1 to 4, wherein the card selection request response carries at least fourth identity authentication data; after the resident certificate card reading device receives the card selection request response sent by the first resident certificate card verification security control device and before the card selection request response data is acquired, the method further comprises: the resident certificate card reading device authenticates the identity of the first resident certificate card verification security control device according to the fourth identity authentication data, and executes the step of acquiring the card selection request response data only if the authentication is passed.
Scheme 6, the method according to any one of schemes 1 to 5, wherein the card reading request carries at least fifth identity authentication data; after the first resident certificate card verification security control device receives the card reading request and before it starts the process of reading resident certificate card information, the method further comprises: the first resident certificate card verification security control device authenticates the identity of the resident certificate card reading device according to the fifth identity authentication data carried in the card reading request, and executes the step of starting the process of reading the resident certificate card information only if the authentication is passed.
Scheme 7, the method according to any one of schemes 1 to 6, wherein before the first resident certificate card verification security control device starts the process of reading resident certificate card information, the method further comprises: the resident certificate card reading device negotiates with the first resident certificate card verification security control device, so that both obtain a session key;
after the resident certificate card reading device and the first resident certificate card verification security control device obtain the session key, the method further comprises: in their subsequent communication, the resident certificate card reading device and the first resident certificate card verification security control device each use the session key to encrypt the data they send and decrypt the data they receive.
Scheme 8, the method according to any one of schemes 1 to 7, wherein the resident certificate card reading device sending the card searching request to the first resident certificate card verification security control device through the network comprises: the resident certificate card reading device selects the first resident certificate card verification security control device from a plurality of resident certificate card verification security control devices, and sends the card searching request to the selected first resident certificate card verification security control device.
Scheme 9, the method according to scheme 8, wherein the resident certificate card reading device selecting the first resident certificate card verification security control device from a plurality of resident certificate card verification security control devices comprises: the resident certificate card reading device selects the first resident certificate card verification security control device from the plurality of resident certificate card verification security control devices according to a pre-stored correspondence between the resident certificate card reading device and the first resident certificate card verification security control device; or the resident certificate card reading device selects a resident certificate card verification security control device whose current working state is idle as the first resident certificate card verification security control device.
Scheme 10, the method according to any one of schemes 1 to 9, after the resident identification card reading device sends the resident identification card information to the terminal, the method further comprises: the terminal displays the resident certificate card information, and/or the terminal sends the resident certificate card information to a storage device for storage.
Scheme 11, a resident certificate card reading device, including:
the third transceiver module, used for triggering the first transceiver module to periodically broadcast a card searching instruction after receiving an operation request sent by the terminal;
the first transceiver module, used for periodically broadcasting the card searching instruction and receiving a response message returned by the resident certificate card;
the first processing module, used for judging whether the response message is card searching confirmation data for the card searching instruction and, if so, notifying the first transceiver module to stop broadcasting the card searching instruction and triggering the second transceiver module to send a card searching request to the first resident certificate card verification security control device through the network;
the second transceiver module, used for sending the card searching request to the first resident certificate card verification security control device through the network and receiving the card searching response sent by the first resident certificate card verification security control device;
the first processing module is further configured to obtain the card searching response data, determine that the card searching response data is response data responding to the card searching request, and trigger the second transceiver module to send card searching confirmation data to the first resident certificate card verification security control device;
the second transceiver module is further configured to send the card searching confirmation data to the first resident certificate card verification security control device through the network;
the first transceiver module is further configured to send a card selection instruction to the resident certificate card and receive card selection confirmation data sent by the resident certificate card, where the card selection confirmation data at least includes unique identification information of the resident certificate card;
the second transceiver module is further configured to send a card selection request to the first resident certificate card verification security control device through the network and receive a card selection request response sent by the first resident certificate card verification security control device, where the card selection request response carries card selection request response data;
the first processing module is further configured to acquire the card selection request response data, determine that the card selection request response data is response data for the card selection request, and trigger the second transceiver module to send card selection confirmation data to the first resident certificate card verification security control device;
the second transceiver module is further configured to send the card selection confirmation data to the first resident certificate card verification security control device;
the first transceiver module is further configured to send a card reading instruction to the resident certificate card and receive card reading confirmation data returned by the resident certificate card;
the second transceiver module is further configured to send a card reading request to the first resident certificate card verification security control device, where the card reading request is used to instruct the first resident certificate card verification security control device to start a process of reading resident certificate card information;
the first transceiver module is further configured, while the first resident certificate card verification security control device reads the resident certificate card information, to receive first interaction information sent by the resident certificate card to the first resident certificate card verification security control device, and to transmit to the resident certificate card second interaction information sent by the first resident certificate card verification security control device;
the second transceiver module is further configured to send the first interaction information to the first resident certificate card verification security control device and receive the second interaction information sent by the first resident certificate card verification security control device;
the second transceiver module is further configured to receive the resident certificate card information sent by the first resident certificate card verification security control device after the resident certificate card information stored in the resident certificate card has been read;
and the third transceiver module is further configured to send the resident certificate card information to the terminal.
Scheme 12, the apparatus according to scheme 11, wherein the first processing module is further configured to obtain first identity authentication data and carry the first identity authentication data in the card searching request.
Scheme 13, the apparatus according to scheme 11 or 12, wherein the card searching response carries at least second identity authentication data; the first processing module obtains the card searching response data in the following way: it authenticates the identity of the first resident certificate card verification security control device according to the second identity authentication data, and acquires the card searching response data only if the authentication is passed.
Scheme 14, the apparatus according to any one of schemes 11 to 13, wherein the first processing module is further configured to obtain third identity authentication data before the second transceiver module sends the card selection request to the first resident certificate card verification security control device, and carry the third identity authentication data in the card selection request.
Scheme 15, the apparatus according to any one of schemes 11 to 14, wherein the card selection request response carries at least fourth identity authentication data; the first processing module obtains the card selection request response data in the following way: it authenticates the identity of the first resident certificate card verification security control device according to the fourth identity authentication data, and acquires the card selection request response data only if the authentication is passed.
Scheme 16, the apparatus according to any one of schemes 11 to 15, wherein the first processing module is further configured to acquire fifth identity authentication data before the second transceiver module sends a card reading request to the first resident certificate card verification security control device, and carry the fifth identity authentication data in the card reading request.
Scheme 17, the apparatus according to any one of schemes 11 to 16, further comprising: a key negotiation module, used for negotiating with the first resident certificate card verification security control device to obtain a session key before the second transceiver module sends the card reading request to the first resident certificate card verification security control device;
the second transceiver module sends the first interaction information to the first resident certificate card verification security control device in the following way: the second transceiver module encrypts the first interaction information with the session key to obtain a first interaction information ciphertext, and sends the first interaction information ciphertext to the first resident certificate card verification security control device; the second transceiver module receives the second interaction information, and the resident certificate card information that the first resident certificate card verification security control device sends after reading the resident certificate card information stored in the resident certificate card, in the following way: the second transceiver module decrypts a second interaction information ciphertext sent by the first resident certificate card verification security control device with the session key to obtain the second interaction information; and the second transceiver module decrypts the resident certificate card information ciphertext sent by the first resident certificate card verification security control device with the session key to obtain the resident certificate card information.
Scheme 18, the apparatus according to any of schemes 11 to 17, wherein the second transceiver module sends the card-searching request to the first resident certificate card verification security control device via the network by: and selecting the first resident certificate card verification safety control equipment from a plurality of resident certificate card verification safety control equipment, and sending the card searching request to the selected first resident certificate card verification safety control equipment through a network.
Scheme 19, the apparatus according to scheme 18, wherein the second transceiver module selects the first resident identification card verification security control device from a plurality of resident identification card verification security control devices by: selecting the first resident certificate card verification safety control equipment from a plurality of resident certificate card verification safety control equipment according to the corresponding relation between the resident certificate card reading device and the first resident certificate card verification safety control equipment which is stored in advance; or, selecting the resident certificate card verification safety control device with the current working state being idle as the first resident certificate card verification safety control device.
Scheme 20, the apparatus according to any one of schemes 11 to 19, further comprising: a storage module, used for storing the resident certificate card information received by the second transceiver module.
Scheme 21, a system for reading resident certificate card information, comprising: a terminal, used for sending an operation request to the resident certificate card reading device and receiving resident certificate card information sent by the resident certificate card reading device; a resident certificate card reading device, being the resident certificate card reading device according to any one of schemes 11 to 19; and a first resident certificate card verification security control device, used for receiving the request sent by the resident certificate card reading device and executing the operation corresponding to the request.
Scheme 22, the system of scheme 21, further comprising: a storage device and/or a display device; the terminal and/or the resident certificate card reading device are also used for sending the resident certificate card information to the storage device and/or the display device; the storage device is used for storing the resident certificate card information; and the display device is used for displaying the resident certificate card information.
According to the technical scheme provided by the invention, the resident certificate card reading device is independent of the first resident certificate card verification security control device, can exchange information with it, and can be connected to the resident certificate card, serving as a bridge for the information interaction between the resident certificate card and the first resident certificate card verification security control device. In addition, a plurality of resident certificate card verification security control devices can be provided: each resident certificate card reading device first selects a first resident certificate card verification security control device and then connects to it. This improves the utilization rate of the first resident certificate card verification security control device while also preserving the reading speed of each resident certificate card reading device, so that the waiting time of each reading device does not become too long when a plurality of reading devices are waiting to connect to the first resident certificate card verification security control device.
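The reader-side request/response phases of schemes 1 to 6 and the device selection of scheme 9, as an added example that is not code from the patent. The patent does not specify how identity authentication data is formed, so HMAC-SHA256 over a pre-shared key stands in for it; the class names, nonce, message fields, payloads and the "stored mapping first, idle device otherwise" order are assumptions, and the session-key encryption of scheme 7 is left out.

```python
import hashlib
import hmac
import os
from dataclasses import dataclass, field

# Phase order taken from scheme 1: card search -> card select -> card read.
PHASES = ("search", "select", "read")


class ProtocolError(Exception):
    """Failed authentication or a message that arrives out of order."""


def auth_tag(key: bytes, direction: bytes, phase: str, nonce: bytes, data: bytes) -> bytes:
    # Assumed stand-in for the "identity authentication data" of schemes 2-6.
    # Direction, phase and nonce are bound into the tag so that a tag cannot be
    # reflected back to its sender or replayed in another phase or session.
    msg = b"|".join([direction, phase.encode(), nonce, data])
    return hmac.new(key, msg, hashlib.sha256).digest()


@dataclass
class VerificationDevice:
    """Constructed model of a remote verification security control device."""
    key: bytes
    idle: bool = True
    done: list = field(default_factory=list)

    def handle(self, req: dict) -> dict:
        phase, nonce, data = req["phase"], req["nonce"], req["data"]
        # Schemes 2, 4 and 6: authenticate the reader before answering.
        expected = auth_tag(self.key, b"reader", phase, nonce, data)
        if not hmac.compare_digest(expected, req["tag"]):
            raise ProtocolError("reader authentication failed")
        # Scheme 1: a phase is only valid directly after the previous one.
        if phase not in PHASES or PHASES.index(phase) != len(self.done):
            raise ProtocolError("request out of order: " + phase)
        self.done.append(phase)
        resp_data = b"ack:" + phase.encode()  # constructed response data
        return {"phase": phase, "nonce": nonce, "data": resp_data,
                "tag": auth_tag(self.key, b"device", phase, nonce, resp_data)}


@dataclass
class ReaderSession:
    """Reader side: sends each request and checks the response before using it."""
    key: bytes
    device: VerificationDevice
    transport: object = None  # optional callable that may alter a response in transit
    completed: list = field(default_factory=list)

    def request(self, phase: str, data: bytes) -> bytes:
        if phase not in PHASES or PHASES.index(phase) != len(self.completed):
            raise ProtocolError("phase out of order: " + phase)
        nonce = os.urandom(16)
        req = {"phase": phase, "nonce": nonce, "data": data,
               "tag": auth_tag(self.key, b"reader", phase, nonce, data)}
        resp = self.device.handle(req)
        if self.transport is not None:
            resp = self.transport(resp)
        # Schemes 3 and 5: authenticate the device BEFORE acquiring response data.
        expected = auth_tag(self.key, b"device", phase, nonce, resp["data"])
        fresh = resp["phase"] == phase and resp["nonce"] == nonce
        if not fresh or not hmac.compare_digest(expected, resp["tag"]):
            raise ProtocolError("device authentication failed")
        self.completed.append(phase)
        return resp["data"]


def select_device(reader_id: str, devices: dict, pinned: dict) -> VerificationDevice:
    # Scheme 9 offers two options: a pre-stored reader-to-device correspondence,
    # or a device whose working state is idle. Trying them in this order is an assumption.
    if reader_id in pinned:
        return devices[pinned[reader_id]]
    for dev in devices.values():
        if dev.idle:
            return dev
    raise ProtocolError("no idle verification device")


def run_flow(session: ReaderSession, card_uid: bytes) -> list:
    """Run the three phases in order with constructed payloads; returns the response data."""
    return [session.request("search", b"card-search-confirm"),
            session.request("select", card_uid),
            session.request("read", b"card-read-confirm")]


if __name__ == "__main__":
    shared = os.urandom(32)
    pool = {"dev-a": VerificationDevice(shared, idle=False), "dev-b": VerificationDevice(shared)}
    chosen = select_device("reader-1", pool, pinned={})
    print(run_flow(ReaderSession(shared, chosen), b"constructed-uid"))
```
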
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present invention, the drawings needed to be used in the description of the embodiments are briefly introduced below, and it is obvious that the drawings in the following description are only some embodiments of the present invention, and it is obvious for those skilled in the art to obtain other drawings based on the drawings without creative efforts.
Fig. 1 is a schematic structural diagram of a system for reading information of a resident certificate card according to embodiment 1 of the present invention;
Fig. 2 is a schematic structural view of a resident identification card reading device provided in embodiment 2 of the present invention;
Fig. 3 is a schematic structural diagram of another resident identification card reading device provided in embodiment 2 of the present invention;
Fig. 4 is a flowchart of a method for reading resident identification card information according to embodiment 3 of the present invention;
Fig. 5 is a schematic structural diagram of an actual application scenario of the system for reading information of a resident identification card according to embodiment 4 of the present invention;
Fig. 6 is a flowchart of an alternative method for reading the information of the resident identification card according to embodiment 5 of the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention are clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments of the present invention without making any creative effort, shall fall within the protection scope of the present invention.
In the description of the present invention, it is to be understood that the terms "center", "longitudinal", "lateral", "up", "down", "front", "back", "left", "right", "vertical", "horizontal", "top", "bottom", "inner", "outer", and the like, indicate orientations or positional relationships based on those shown in the drawings, and are used only for convenience in describing the present invention and for simplicity in description, and do not indicate or imply that the referenced devices or elements must have a particular orientation, be constructed and operated in a particular orientation, and thus, are not to be construed as limiting the present invention. Furthermore, the terms "first," "second," and the like are used for descriptive purposes only and are not to be construed as indicating or implying a relative importance or quantity or location.
In the description of the present invention, it should be noted that, unless otherwise explicitly specified or limited, the terms "mounted," "connected," and "connected" are to be construed broadly, e.g., as meaning either a fixed connection, a removable connection, or an integral connection; can be mechanically or electrically connected; they may be connected directly or indirectly through intervening media, or they may be interconnected between two elements. The specific meanings of the above terms in the present invention can be understood in specific cases to those skilled in the art.
Embodiments of the present invention will be described in further detail below with reference to the accompanying drawings.
Example 1
Fig. 1 is a schematic structural diagram of a system for reading information of a resident identification card according to embodiment 1 of the present invention. As shown in Fig. 1, the system mainly includes: the resident identification card reading device 10, a first resident identification card verification security control device 20 connected with the resident identification card reading device 10, and a terminal 30, wherein the resident identification card reading device 10 may include an SAM (resident identification card verification security control) module. The resident identification card reading device 10 is independent from the terminal 30 and may have two or more interfaces (wired or wireless); it is connected to the terminal 30 through one of the interfaces and to the first resident identification card verification security control device 20 through the other interface. In the system, one first resident certificate card verification security control device can be connected with a plurality of resident certificate card reading devices so as to improve the utilization rate of the first resident certificate card verification security control device. A plurality of resident certificate card verification security control devices can also be provided, so that the utilization rate of the first resident certificate card verification security control device is improved while the reading speed of each resident certificate card reading device is guaranteed, which avoids an excessively long waiting time for each resident certificate card reading device when a plurality of reading devices wait to be connected to the first resident certificate card verification security control device.
In the embodiment, the terminal 30 is used for sending an operation request to the resident identification card reading device 10 and receiving the resident identification card information sent by the resident identification card reading device 10; the terminal 30 may be any device capable of communicating and sending instructions, such as a PC, a PAD (tablet computer), a smart phone, a wearable smart device, or an electronic signature device (for example, ICBC's U-Shield, Agricultural Bank of China's K-Bao, etc.).
The first resident identification card verification security control device 20 is configured to receive the request sent by the resident identification card reading device 10 and perform an operation corresponding to the request sent by the resident identification card reading device 10.
In the embodiment of the present invention, when a user needs to read the resident identification card information stored in the resident identification card, the user sends an operation request to the resident identification card reading device 10 through the terminal 30. The request wakes up the resident identification card reading device 10, so that it enters a power-on state from a power-off state or a working state from a sleep state, starts to periodically broadcast a card searching instruction, and thereby starts the flow of detecting the resident identification card (searching and selecting the card) in order to read the resident identification card information stored in the resident identification card. For example, the user may input an operation instruction through a key on the terminal 30, and the terminal 30 transmits an operation request to the resident identification card reading device 10 in response to the operation instruction input by the user. While the first resident certificate card verification security control device 20 detects the resident certificate card (searching and selecting the card), the resident certificate card reading device 10 relays the interactive information between the first resident certificate card verification security control device 20 and the resident certificate card and performs mutual authentication with the first resident certificate card verification security control device 20; after the authentication is completed, the process of reading the resident certificate card information (reading the card) starts.
After the first resident certificate card verification safety control device 20 reads resident certificate card information stored in the resident certificate card, the resident certificate card information can be decrypted, the decrypted resident certificate card information is sent to the resident certificate card reading device 10, and the resident certificate card reading device 10 receives the resident certificate card information sent after the first resident certificate card verification safety control device 20 reads the resident certificate card information stored in the resident certificate card.
The resident certificate card reading device 10 provided based on the embodiment of the invention is equivalent to a reading module in the existing resident certificate card reading device, only has an information interaction function, and does not have other functions of SAM authentication and the like of the existing resident certificate card reading device, is independent of the first resident certificate card verification safety control device, and structurally separates the reading module from the SAM module in the resident certificate card reading device, and the resident certificate card reading device 10 can perform information interaction with the first resident certificate card verification safety control device, can also be connected with the resident certificate card and the first resident certificate card verification safety control device, and is used as a bridge for performing information interaction between the resident certificate card and the first resident certificate card verification safety control device. The structure of the resident identification card reading device 10 will be described in detail in embodiment 2, with particular reference to the description of embodiment 2.
In addition, the resident certificate card information stored in the resident certificate card is encrypted and transmitted, and due to the particularity of the resident certificate card, only the resident certificate card verification safety control device (SAM module) can decrypt the resident certificate card information stored in the resident certificate card. In a specific implementation process, when sending a first request (card searching request) to the first resident identification card verification security control device 20, the resident identification card reading apparatus 10 may set the content that needs to be decrypted by the first resident identification card verification security control device 20, for example, the first resident identification card verification security control device 20 may be set to read only the basic information (e.g., name, gender, birth year and month, etc.) stored in the resident identification card, the first resident identification card verification security control device 20 may also be set to read the basic information + the photo + the fingerprint information, etc. stored in the resident identification card, and the setting may be specifically performed as required.
In a specific implementation process, the resident identification card reading device 10 starts the process of detecting the resident identification card by sending the card searching request and the card selecting request to the first resident identification card verification security control device 20 in sequence. While detecting the resident certificate card, the first resident certificate card verification security control device 20 performs information interaction with the resident certificate card. This interaction is based on the information interaction between the existing SAM module and the resident certificate card; it may comprise one information interaction or multiple information interactions, and may include a card searching process and a card selecting process. During the interaction, the resident certificate card reading device 10 forwards the information received from the resident certificate card to the first resident certificate card verification security control device 20, and forwards the information received from the first resident certificate card verification security control device 20 to the resident certificate card. Mutual authentication is carried out between the first resident certificate card verification security control device and the resident certificate card reading device in the card searching process and the card selecting process, and after the authentication is successful, the first resident certificate card verification security control device 20 sends a card searching response and a card selecting response to the resident certificate card reading device 10, so that the resident certificate card reading device 10 knows that the resident certificate card is successfully detected. Mutual authentication between the first resident certificate card verification security control device and the resident certificate card reading device is therefore completed together with the card searching process and the card selecting process; the identity of the resident certificate card reading device and the identity of the first resident certificate card verification security control device are both confirmed to be legal, and the information of the resident certificate card can be read out safely.
Through the card searching process and the card selecting process, the resident certificate card can be ensured to exist in the reading range of the resident certificate card reading device 10 before the resident certificate card information reading process is executed, and the situation that the resident certificate card information cannot be acquired in the subsequent resident certificate card information reading process is avoided. In addition, after the resident identification card reading device 10 receives the card selection response, it may prompt the user whether to perform a reading operation, and only after the user confirms, the resident identification card reading device 10 may send a card reading instruction to the resident identification card so as to initiate a process of reading the resident identification card information, for example, the user presses a specific key on the resident identification card reading device 10, or the resident identification card reading device 10 may also send a message to the terminal 30 to instruct the terminal 30 to prompt the user whether to continue reading the card.
In an optional implementation of the embodiment of the present invention, the resident identification card information acquiring system may further include: a storage device 40 and a display device 50; at this time, the resident identification card reading device 10 and/or the terminal 30 may be further configured to send the resident identification card information to the storage device 40 and/or the display device 50; a storage device 40 for storing resident certificate card information; and the display device 50 is used for displaying the resident identification card information. In the specific implementation process, after receiving the resident identification card information sent by the first resident identification card verification security control device 20, the resident identification card reading device 10 can display the resident identification card information, and can also store the resident identification card information, at this time, the resident identification card reading device 10 can send (directly send or send through the terminal 30) the resident identification card information to the storage device for storage, so that when the resident identification card is used again later, the user does not carry the resident identification card, and only the storage device is carried. In order to ensure the security of the storage, the resident identification card reading device 10 and/or the terminal 30 may transmit the resident identification card information to the storage device to be encrypted and stored.
In an implementation, the storage device 40 may be disposed in the terminal 30, as a part of the terminal 30, or may be disposed outside the terminal 30. The storage device may be a single storage device or a device integrated with other functions; for example, in an application scenario of bank transaction, the storage device may be an electronic signature device (e.g., ICBC's U-Shield, Agricultural Bank of China's K-Bao, etc.). In addition, the resident identification card information may be stored in the storage device 40 in plaintext or in encrypted form, which is not limited in this embodiment. Likewise, the display device 50 may be provided in the terminal 30, as a part of the terminal 30, or may be provided outside the terminal 30. The display device can be a single display device or a device integrated with other functions.
In another optional implementation of the embodiment of the present invention, in the case that the terminal 30 is provided separately from the storage device 40 and the display device 50, the terminal 30 may be further configured to send the resident identification card information to the storage device 40 and/or the display device 50; the storage device 40 stores resident certificate card information; the display device 50 displays the resident identification card information. In the specific implementation process, the terminal 30 can display the resident identification card information after receiving the resident identification card information sent by the resident identification card reading device 10, and also can store the resident identification card information, and at this time, the terminal 30 can also send the resident identification card information to the storage device for storage, so that when the terminal is used again later, the terminal can only carry the storage device without carrying the resident identification card. In order to ensure the security of the storage, the resident identification card reading device 10 and/or the terminal 30 may transmit the resident identification card information to the storage device to be encrypted and stored. In addition, the terminal 30 can also send the resident identification card information to a display device external to the terminal for displaying.
The system provided by the embodiment can be applied to a banking system, wherein the resident identification card reading device 10 and the terminal 30 can be the front end of a bank counter, one or more resident identification card reading devices 10 and terminals 30 can be arranged at each business point, and one or more resident identification card verification safety control devices can be arranged at each business point.
Based on the system for reading the resident certificate card information provided by the embodiment of the present invention, the resident certificate card reading apparatus 10 is provided independently from the first resident certificate card verification security control apparatus 20 (SAM module). The resident certificate card reading apparatus 10 can be connected to the first resident certificate card verification security control apparatus 20 in a wired manner (e.g. a wired network such as the internet or a local area network) or a wireless manner (e.g. a wireless network such as WIFI, 3G or 4G). It can perform information interaction with the first resident certificate card verification security control apparatus 20, and can also connect the resident certificate card and the first resident certificate card verification security control apparatus 20, serving as a bridge for information interaction between the two. In practical applications, a plurality of resident certificate card reading apparatuses 10 can be provided, each connected to the first resident certificate card verification security control apparatus 20, whereby the utilization rate of the first resident certificate card verification security control apparatus 20 can be improved.
A plurality of resident certificate card verification security control devices can also be provided. Each resident certificate card reading device first selects the first resident certificate card verification security control device from the plurality of resident certificate card verification security control devices and then connects to it. This improves the utilization rate of the first resident certificate card verification security control device while also guaranteeing the reading speed of each resident certificate card reading device, so that the waiting time of each reading device does not become too long when a plurality of resident certificate card reading devices wait to be connected to the first resident certificate card verification security control device.
Example 2
Fig. 2 is a schematic structural diagram of a resident identification card reading device 10 in a system for reading information of a resident identification card according to embodiment 1 of the present invention, and as shown in fig. 2, the resident identification card reading device 10 according to embodiment 1 of the present invention mainly includes: a first transceiver module 101, a first processing module 102, a second transceiver module 103, and a third transceiver module 104.
In the embodiment of the present invention, the third transceiver module 104 is configured to interact with the terminal 30 (the third transceiver module 104 receives a request sent by the terminal 30 and sends information to the terminal 30), and the terminal 30 in this embodiment may be a device capable of communicating and sending a command, for example, a PC, a PAD (tablet), a smart phone, a smart wearable device, an electronic signature device, and the like. The first transceiver module 101 interacts with (sends a request to and receives information from) the resident certificate card to transmit interaction information between the first resident certificate card verification security control device 20 and the resident certificate card, which may specifically be a resident certificate card, a driver's license, a student's license, or the like in this embodiment. The second transceiving module 103 interacts with (sends a request to and receives information from) the first resident identification card verification security control device 20 to transmit information between the first resident identification card verification security control device 20 and the resident identification card, and in this embodiment, the first resident identification card verification security control device 20 includes an SAM module.
Wherein:
the third transceiver module 104 is configured to trigger the first transceiver module 101 to periodically broadcast a card searching instruction after receiving an operation request sent by the terminal 30;
the first transceiving module 101 is configured to periodically broadcast a card searching instruction and receive a response message returned by the resident certificate card;
the first processing module 102 is configured to determine whether the response message is card searching confirmation data for the card searching instruction, notify the first transceiver module to stop broadcasting the card searching instruction if the response message is the card searching confirmation data, and trigger the second transceiver module 103 to send a card searching request to the first resident certificate card verification security control device 20 through the network;
the second transceiving module 103 is configured to send a card searching request to the first resident identification card verification security control device 20 through a network, and receive a card searching response sent by the first resident identification card verification security control device 20;
the first processing module 102 is further configured to obtain card searching response data, determine that the card searching response data is response data in response to the card searching request, and trigger the second transceiver module 103 to send card searching confirmation data to the first resident certificate card verification security control device 20;
the second transceiving module 103 is further configured to send card searching confirmation data to the first resident certificate card verification security control device 20 through a network;
the first transceiving module 101 is further configured to send a card selection instruction to the resident identification card, and receive card selection confirmation data sent by the resident identification card, where the card selection confirmation data at least includes unique identification information of the resident identification card;
the second transceiving module 103 is further configured to send a card selection request to the first resident identification card verification security control device 20, and receive a card selection request response sent by the first resident identification card verification security control device 20;
the first processing module 102 is further configured to determine that the card selection request response is response data for the card selection request, and trigger the second transceiver module 103 to send card selection confirmation data to the first resident certificate card verification security control device 20;
the second transceiving module 103 is further configured to send the card selection confirmation data to the first resident certificate card verification security control device 20;
the first transceiver module 101 is further configured to send a card reading instruction to the resident certificate card and receive card reading confirmation data returned by the resident certificate card;
the second transceiving module 103 is further configured to send a card reading request to the first resident certificate card verification security control device 20, where the card reading request is used to instruct the first resident certificate card verification security control device 20 to start a process of reading resident certificate card information;
the first transceiving module 101 is further configured to, in a process that the first resident identification card verification security control device 20 reads the resident identification card information, receive first interaction information that the resident identification card sends to the first resident identification card verification security control device 20, and transmit second interaction information that the first resident identification card verification security control device 20 sends to the resident identification card;
the second transceiving module 103 is further configured to send the first interaction information to the first resident certificate card verification security control device 20, and receive second interaction information sent by the first resident certificate card verification security control device 20;
the second transceiving module 103 is further configured to receive resident certificate card information sent by the first resident certificate card verification security control device 20 after the resident certificate card information stored in the resident certificate card is read;
the third transceiver module 104 is also used for sending the resident certificate card information to the terminal 30.
In the specific implementation process, the resident identification card reading device 10 receives an operation request sent by the terminal 30 through the third transceiving module 104, which wakes up the resident identification card reading device 10 into a working state and triggers a card searching process. The reading device transmits requests and data between the resident identification card and the first resident identification card verification security control device 20 through the first transceiving module 101 and the second transceiving module 103, and after the card searching process and the card selecting process are finished it enters the process (the card reading process) in which the first resident identification card verification security control device 20 reads the information of the resident identification card. During the process of reading the resident certificate card information by the first resident certificate card verification security control device 20, the interaction information between the resident certificate card and the first resident certificate card verification security control device 20 is transmitted through the first transceiving module 101 and the second transceiving module 103. This interaction is based on the information interaction between the existing resident certificate card verification security control device and the resident certificate card, and may include one information interaction or a plurality of information interactions. During the interaction, the first transceiving module 101 sends an instruction to the resident certificate card and receives the information returned by the resident certificate card, and the second transceiving module 103 sends a request to the first resident certificate card verification security control device 20 and receives the response and the information returned by the first resident certificate card verification security control device 20. After the first resident identification card verification security control device 20 reads the resident identification card information stored in the resident identification card, the read resident identification card information is sent to the second transceiving module 103, so that the resident identification card reading device 10 obtains the resident identification card information, and finally the third transceiving module 104 sends the resident identification card information to the terminal 30.
In specific implementation, in order to ensure that the resident identification card information can be safely read from the resident identification card, identity authentication is performed a plurality of times between the resident identification card reading device 10 and the first resident identification card verification security control device 20 in the card searching process and the card selecting process. Specifically, in an optional implementation of the embodiment of the present invention, the first processing module 102 is further configured to obtain first authentication data and carry the first authentication data in the card searching request, so that the first resident certificate card verification security control device 20 performs identity authentication on the resident certificate card reading device 10 by using the first authentication data. After the identity authentication passes, the first resident certificate card verification security control device 20 returns a card searching response to the resident certificate card reading device 10, that is, the second transceiving module 103 can receive the card searching response; the first resident certificate card verification security control device 20 thereby confirms that the identity of the resident certificate card reading device 10 is legal in the card searching process.
In an optional implementation of the embodiment of the present invention, the card searching response at least carries second identity authentication data; the first processing module 102 obtains the card searching response data by: authenticating the identity of the first resident certificate card verification security control device 20 according to the second identity authentication data, and acquiring the card searching response data under the condition that the authentication is passed, so as to trigger the second transceiver module 103 to send the card searching confirmation data to the first resident certificate card verification security control device 20. The resident certificate card reading device 10 thereby confirms that the identity of the first resident certificate card verification security control device 20 is legal in the card searching process.
In an optional implementation of the embodiment of the present invention, the first processing module 102 is further configured to, before the second transceiver module 103 sends the card selection request to the first resident certificate card verification security control device 20, obtain third authentication data and carry the third authentication data in the card selection request, so that the first resident certificate card verification security control device 20 performs authentication on the resident certificate card reading apparatus 10 by using the third authentication data. After the authentication passes, the first resident certificate card verification security control device 20 returns a card selection response to the resident certificate card reading apparatus 10, that is, the second transceiver module 103 can receive the card selection response; the first resident certificate card verification security control device 20 thereby confirms that the identity of the resident certificate card reading apparatus 10 is legal in the card selection process.
In an optional implementation of the embodiment of the present invention, the card selection request response at least carries fourth identity authentication data; the first processing module 102 obtains the card selection request response data by: and authenticating the identity of the first resident certificate card verification safety control device 20 according to the fourth identity authentication data, acquiring the card selection request response data under the condition that the authentication is passed, and further triggering the second transceiver module 103 to send the card selection confirmation data to the first resident certificate card verification safety control device 20, so that the resident certificate card reading device 10 confirms that the identity of the first resident certificate card verification safety control device 20 is legal in the card selection process.
In an optional implementation of the embodiment of the present invention, the first processing module 102 is further configured to, before the second transceiver module 103 sends the card reading request to the first resident certificate card verifying security control device 20, acquire fifth authentication data, and carry the fifth authentication data in the card reading request, so that the first resident certificate card verifying security control device 20 confirms that the identity of the resident certificate card reading apparatus 10 is legal in the card reading process.
In this embodiment, authentication in the card searching process and the card selecting process confirms that the identities of both the first resident identification card verification security control device 20 and the resident identification card reading device 10 are legal, so that the information stored in the resident identification card can be read safely.
In this embodiment, in order to ensure transmission security, the resident identification card reading apparatus 10 and the first resident identification card verification security control device 20 may encrypt and decrypt the data they send and receive while the first resident identification card verification security control device reads the resident identification card information. In an alternative embodiment, as shown in fig. 3, the resident identification card reading apparatus 10 further includes a key negotiation module 105, configured to negotiate with the first resident certificate card verification security control device 20 to obtain a session key before the second transceiver module 103 sends the card reading request to the first resident certificate card verification security control device 20. Specifically, the second transceiving module 103 transmits the first interaction information to the first resident identification card verification security control device 20 as follows: the second transceiving module 103 encrypts the first interaction information by using the session key to obtain a first interaction information ciphertext, and sends the first interaction information ciphertext to the first resident certificate card verification security control device 20. The second transceiving module 103 receives the second interaction information sent by the first resident identification card verification security control device 20, and the resident identification card information sent by the first resident identification card verification security control device 20 after it reads the resident identification card information stored in the resident identification card, as follows: the second transceiving module 103 decrypts the second interaction information ciphertext sent by the first resident certificate card verification security control device 20 by using the session key to obtain the second interaction information; and the second transceiving module 103 decrypts the resident certificate card information ciphertext sent by the first resident certificate card verification security control device 20 by using the session key to obtain the resident certificate card information. Therefore, the safety of information transmission in the process of reading the resident certificate card information by the first resident certificate card verification safety control device can be ensured.
In an alternative embodiment of the present invention, as shown in fig. 3, the resident identification card reading device 10 may further include a storage module 106, connected with the second transceiver module 103 and used for storing the resident certificate card information received by the second transceiver module 103. Because the resident identification card reading device 10 can store the received resident identification card information, that information can be obtained directly from the resident identification card reading device when it needs to be presented later, and the user does not need to carry the resident identification card, which provides great convenience for the user.
In a specific implementation process, the resident identification card reading apparatus 10 may further include a prompting module, where the prompting module is used to prompt information (for example, prompt received resident identification card information) that a user needs to know in the process of acquiring the resident identification card information, and specifically may be a display screen or a voice playing device, etc.
In an optional implementation manner of the embodiment of the present invention, when there are a plurality of resident identification card verification security control devices, the resident identification card reading apparatus 10 needs to determine which of them the first request (card search request) is to be sent to. Therefore, in this embodiment, the second transceiving module 103 sends the card search request to the first resident identification card verification security control device 20 through the network as follows: the first resident identification card verification security control device 20 is selected from the plurality of resident identification card verification security control devices, and the card search request is sent to the selected first resident identification card verification security control device 20. Through the above optional implementation scheme, a plurality of resident certificate card verification safety control devices can be set in a specific implementation; each resident certificate card reading device 10 first selects the first resident certificate card verification safety control device 20 and then connects to it. This improves the utilization rate of the first resident certificate card verification safety control device 20 while also ensuring the reading speed of each resident certificate card reading device, so that the waiting time of each resident certificate card reading device does not become too long when a plurality of resident certificate card reading devices are waiting to connect to the first resident certificate card verification safety control device 20.
In this alternative embodiment, the second transceiving module 103 selects the first resident certificate card authentication security control device 20 from the plurality of resident certificate card authentication security control devices by means including, but not limited to, one of:
Mode one: selecting the first resident certificate card verification safety control device 20 from the plurality of resident certificate card verification safety control devices according to a prestored correspondence between the resident certificate card reading device 10 and the first resident certificate card verification safety control device 20.
In practical application, as an optional embodiment, the resident identification card reading device 10 is connected to a plurality of resident identification card verification security control devices, and the correspondence between the resident identification card reading device 10 and each resident identification card verification security control device can be stored in advance. As a preferable scheme, when the operation request sent from the terminal is received for the first time, the resident identification card reading device 10 may select, according to the correspondence, the first resident identification card verification security control device 20 corresponding to the resident identification card reading device 10 from the plurality of resident identification card verification security control devices, and accordingly initiate a card searching request to the first resident identification card verification security control device 20 to establish a connection with it. With this alternative embodiment, the step of selecting the first resident certificate card verification security control device is performed only when the operation request sent by the terminal is received for the first time, and is not performed when an operation request is subsequently received, so that the connection speed between the resident certificate card reading apparatus 10 and the first resident certificate card verification security control device 20 can be greatly increased. Of course, the above-described step of selecting the first resident certificate card authentication security control device 20 may also be performed each time an operation request transmitted from the terminal is received.
With this alternative embodiment, in a scenario where there are a plurality of resident identification card verification security control devices, the resident identification card reading apparatus 10 can self-select the first resident identification card verification security control device 20, improving system manageability.
Mode two: selecting the resident certificate card verification safety control device whose current working state is idle as the first resident certificate card verification safety control device 20.
In practical application, as an optional implementation scheme, the resident identification card reading device 10 may further record the operating status of each of the plurality of resident identification card verification security control devices connected to it. Before sending the card reading request or the card detection request, the resident identification card reading device 10 may select, according to the operating status of each resident identification card verification security control device, the resident identification card verification security control device whose current operating status is idle as the first identification card verification security control device 20, and mark the operating status of the first resident identification card verification security control device 20 as non-idle. With this alternative embodiment, it is possible to avoid a situation where one resident certificate card authentication security control apparatus receives information from a plurality of resident certificate card reading devices 10 at the same time, resulting in a decrease in efficiency.
In an optional implementation of the embodiment of the present invention, in order to quickly release a resident identification card verification security control device that is no longer in use, the resident identification card reading device 10 may further mark the operating state of the first resident identification card verification security control device 20 as idle after the communication between the resident identification card reading device 10 and the first resident identification card verification security control device 20 has ended.
In practical application of the present invention, the resident identification card reading device 10 is equivalent to the reading module in an existing resident identification card reader: it has only an information interaction function and does not have other functions of the existing resident identification card reader, such as SAM authentication. It is disposed independently of the terminal and the first resident identification card verification security control device. The resident identification card reading device 10 may have two or more interfaces (wired or wireless), and may be connected to the terminal device and to the first resident identification card verification security control device respectively through a wired connection (e.g., USB interface, serial port, earphone interface, etc.) or a wireless connection (e.g., WIFI, Bluetooth, infrared, NFC, etc.).
The resident certificate card reading device provided by the embodiment of the invention is independent of the first resident certificate card verification safety control device 20, can perform information interaction with the first resident certificate card verification safety control device 20, can be connected with a resident certificate card, and serves as a bridge for information interaction between the resident certificate card and the first resident certificate card verification safety control device 20; it is structurally separated from the first resident certificate card verification safety control device (SAM module). In practical application, a plurality of resident identification card reading devices can be set, each connected with the first resident identification card verification safety control device 20, so that the utilization rate of the first resident identification card verification safety control device 20 can be improved. In practical application, a plurality of resident certificate card verification safety control devices can also be set; each resident certificate card reading device first selects the first resident certificate card verification safety control device 20 and then connects to it. This improves the utilization rate of the first resident certificate card verification safety control device 20 while also ensuring the reading speed of each resident certificate card reading device, so that the waiting time of each resident certificate card reading device does not become too long when a plurality of resident certificate card reading devices are waiting to connect to the first resident certificate card verification safety control device 20.
Example 3
The embodiment provides a method for reading information of a resident identification card corresponding to the system and the resident identification card reading device provided in the embodiments 1 and 2. Fig. 4 is a flowchart of a method for reading information of a resident identification card according to embodiment 3 of the present invention, and as shown in fig. 4, the method includes the following steps S101 to S121:
S101, the terminal sends an operation request to a resident certificate card reading device;
The terminal in this embodiment is a device capable of communicating and sending instructions, such as a PC, a PAD (tablet computer), a smart phone, a smart wearable device, or an electronic signature device (e.g., the U-Shield of ICBC, the K-Bao of the Agricultural Bank of China, etc.).
In the specific implementation process, the terminal and the resident certificate card reading device can be connected through a wired connection (for example, a USB interface, a serial port, an audio interface and the like) or a wireless connection (for example, WIFI, Bluetooth, infrared, NFC and the like).
In this embodiment, the resident identification card may include identification cards such as a resident identification card, a driver's license, and a student ID card. When a user needs to read the resident identification card information stored in the resident identification card, an operation request is sent to the resident identification card reading device through the terminal, and the resident identification card reading device is awakened, for example, switched on from shutdown or brought from a sleep state into a working state. The resident identification card reading device then starts periodically broadcasting a card searching instruction, which begins the process of detecting the resident identification card (searching for and selecting the card) so that the resident identification card information stored in the resident identification card can subsequently be read. For example, a user can input an operation instruction to the terminal through a certain key of the terminal, and the terminal responds to the operation instruction input by the user and sends an operation request to the resident certificate card reading device.
S102, after receiving an operation request sent by a terminal, the resident certificate card reading device broadcasts a card searching instruction periodically;
The resident certificate card reading device can search nearby cards by broadcasting a card searching command outwards, and when a plurality of cards exist nearby the resident certificate card reading device, the resident certificate card reading device can search the cards.
S103, the resident certificate card reading device receives a response message returned by the resident certificate card;
After the resident certificate card detects the card searching command, a response message is returned to the resident certificate card reading device, so that the resident certificate card reading device can identify and detect the resident certificate card.
S104, the resident certificate card reading device judges that the response message is card searching confirmation data aiming at the card searching instruction;
S105, the resident certificate card reading device stops broadcasting the card searching command and sends a card searching request to the first resident certificate card verification safety control device through the network;
In this embodiment, the resident identification card reading device sends a card searching command outwards at intervals; after receiving the card searching command, the resident identification card sends card searching confirmation data to the resident identification card reading device; and after receiving the card searching confirmation data sent by the resident identification card, the resident identification card reading device sends a card searching request to the first resident identification card verification safety control device.
After confirming that the response message returned by the resident certificate card is the confirmation data for the card searching instruction, the resident certificate card reading device has found a card successfully and no longer needs to broadcast the card searching instruction. It can then carry out the subsequent process for the found card, namely sending a card searching request to the first resident certificate card verification safety control device, which triggers the card searching process of the first resident certificate card verification safety control device. The first resident certificate card verification safety control device is arranged at a remote end reached through a network; the resident certificate card reading device cannot be directly connected to it in a wired manner, and can be connected to the first resident certificate card verification safety control device through a wireless connection (such as WIFI, Bluetooth, infrared, NFC and the like) and a remote network.
In this embodiment, in order to ensure that the information of the resident identification card is read out safely, mutual authentication can be performed between the resident identification card reading device and the first resident identification card verification safety control device in the card searching process. As an optional implementation manner in this embodiment, the card searching request at least carries the first identity authentication data, so that after the first resident identification card verification security control device receives the card searching request, the first identity authentication data can be used for authenticating the identity of the resident certificate card reading device. Only after the identity authentication passes does the first resident identification card verification security control device return a card search response to the resident identification card reading device (i.e. step S106), so that the first resident certificate card verification safety control device confirms that the identity of the resident certificate card reading device is legal in the card searching process.
For example, after receiving card-searching confirmation data sent by the resident certificate card, the resident certificate card reading device encrypts the card-searching request data by using the first authentication encryption key to obtain a card-searching request data ciphertext, and signs the card-searching request data ciphertext by using a private key of the resident certificate card reading device to obtain a card-searching request signature value; the first identity authentication data can comprise a card searching request data ciphertext, a card searching request signature value and a certificate of the resident certificate card reading device, so that the first resident certificate card authentication security control device can conveniently perform authentication. The first authentication encryption key is used for encrypting the card searching request data and then transmitting the encrypted data to the first resident certificate card verification safety control equipment, so that the safety of the card searching request data in network transmission can be ensured.
As an optional implementation manner of this embodiment, the card-searching request data may include a timestamp and/or single authentication data, and the card-searching request may further include an identifier of the resident certificate card reading device. Wherein the single authentication data includes a count value and/or a random factor generated by a counter in the resident certificate card reading device. When the single authentication data is the count value generated by the counter, the counter generates a count value for counting the sent first data packet each time the resident certificate card reading device performs the resident certificate card information reading operation, for example, when the resident certificate card reading device reads the resident certificate card a, the counter generates a count value 1, and when the resident certificate card B is read next time, the counter generates a count value 2, and so on, although the specific count value form is not limited thereto; when the single authentication data is a random factor, the random factor may be one or a string of random numbers, or may be one or a string of random characters, or any combination of a string of random numbers and random characters; the identification of the resident identification card reading device can be a serial number of the resident identification card reading device, and of course, the identification of the resident identification card reading device is not limited to the serial number of the resident identification card reading device as long as the identification can uniquely represent the resident identification card reading device.
As an optional implementation manner of this embodiment, the certificate of the resident certificate card reading device at least includes a public key of the resident certificate card reading device. The private key of the resident certificate card reading device used in this step and the public key in the certificate of the resident certificate card reading device used in steps S106 and S113 are a pair of asymmetric key pairs, and are respectively used for signing and verifying the data transmitted from the resident certificate card reading device to the first resident certificate card verification security control device.
In addition, the resident certificate card information stored in the resident certificate card is encrypted and transmitted, and due to the particularity of the resident certificate card, the resident certificate card information stored in the resident certificate card can be decrypted only by the resident certificate card verification safety control device. In a specific implementation process, the resident certificate card reading device may set, in the card searching request, a content to be decrypted by the first resident certificate card verification security control device, for example, the first resident certificate card verification security control device may be set to read only basic information (for example, name, gender, birth year and month, and the like) stored in the resident certificate card, the first resident certificate card verification security control device may also be set to read basic information + photo stored in the resident certificate card, the first resident card verification security control device may also be set to read basic information + photo + fingerprint information and the like stored in the resident certificate card, and the setting may be specifically performed as required. In a specific implementation process, the setting can be performed by a user at a terminal, after the setting is completed, the setting is sent to the resident certificate card reading device through an operation request, and according to the setting of the user, the resident certificate card reading device sends the setting information to the first resident certificate card verification safety control device when sending the card searching request, or the card searching request can carry the setting information.
Furthermore, in an optional implementation of the embodiment of the present invention, the resident identification card reading apparatus may be connected to a plurality of resident identification card verification security control devices, and in step S105, the sending, by the resident identification card reading apparatus, the card search request to the first resident identification card verification security control device via the network includes: the resident certificate card reading device selects a first resident certificate card verification safety control device from a plurality of resident certificate card verification safety control devices, and sends a card reading request to the selected first resident certificate card verification safety control device. Therefore, in the subsequent communication process, the resident certificate card reading device directly sends the related request and the interactive information to the selected first resident certificate card verification safety control equipment.
In practical application, a plurality of resident certificate card verification safety control devices can also be set; each resident certificate card reading device first selects the first resident certificate card verification safety control device and then connects to it. This improves the utilization rate of the first resident certificate card verification safety control device while also ensuring the reading speed of each resident certificate card reading device, so that the waiting time of each resident certificate card reading device does not become too long when a plurality of resident certificate card reading devices are waiting to connect to the first resident certificate card verification safety control device.
In this alternative embodiment, the mode of selecting the first resident identification card verification security control device from the plurality of resident identification card verification security control devices by the resident identification card reading means includes, but is not limited to, one of the following:
Mode one: selecting the first resident certificate card verification safety control device from the plurality of resident certificate card verification safety control devices according to a prestored correspondence between the resident certificate card reading device and the first resident certificate card verification safety control device.
In practical application, as an optional implementation scheme, the resident certificate card reading device is connected with a plurality of resident certificate card verification safety control devices, and the correspondence between the resident certificate card reading device and each resident certificate card verification safety control device can be stored in advance. As a preferred scheme, when receiving an operation request sent from a terminal for the first time, the resident identification card reading device may select, according to the correspondence, the first resident identification card verification security control device corresponding to the resident identification card reading device from the plurality of resident identification card verification security control devices, and correspondingly initiate a card search request to the first resident identification card verification security control device and establish a connection with it. Through this optional implementation scheme, the step of selecting the first resident certificate card verification safety control device is carried out only when the operation request sent by the terminal is received for the first time, and is not carried out when an operation request is received subsequently, so that the connection speed between the resident certificate card reading device and the first resident certificate card verification safety control device can be greatly improved. Of course, the above-described step of selecting the first resident certificate card authentication security control device may also be performed each time an operation request transmitted from the terminal is received.
Through the optional implementation scheme, under the scene that a plurality of resident certificate card verification safety control devices exist, the resident certificate card reading device can self-select the first resident certificate card verification safety control device, and the system manageability is improved.
Mode two: selecting the resident certificate card verification safety control device whose current working state is idle as the first resident certificate card verification safety control device.
In practical application, as an optional implementation scheme, the resident certificate card reading device may further record the working state of each of the plurality of resident certificate card verification safety control devices connected to it. Before sending the card reading request or the card detection request, the resident certificate card reading device may select, according to the working state of each resident certificate card verification safety control device, the resident certificate card verification safety control device whose current working state is idle as the first resident certificate card verification safety control device, and mark the working state of the first resident certificate card verification safety control device as non-idle. Through this optional implementation scheme, the situation in which one resident certificate card verification safety control device receives information from a plurality of resident certificate card reading devices at the same time, causing reduced efficiency, can be avoided.
In an optional implementation of the embodiment of the present invention, in order to quickly release the unused resident identification card verification security control device, the resident identification card reading device may further mark the operating state of the first resident identification card verification security control device as idle after the communication between the resident identification card reading device and the first resident identification card verification security control device is ended.
S106, the first resident certificate card verification safety control equipment receives a card searching request and sends a card searching response to the resident certificate card reading device through a network, wherein the card searching response carries card searching response data;
Based on the first authentication data carried in the card searching request in step S105, in this step, as an optional implementation manner, before the first resident identification card verification security control device sends the card searching response to the resident identification card reading device, the method provided in this embodiment further includes: the first resident certificate card verification safety control equipment authenticates the identity of the resident certificate card reading device according to the first identity authentication data carried in the card searching request and, when the authentication passes, executes the step of sending the card searching response to the resident certificate card reading device.
In step S105, for example, the first resident identification card verification security control device authenticates the identity of the resident identification card reading device, which may be as follows: the first resident certificate card verification safety control device receives the card searching request, utilizes a public key in a certificate of the resident certificate card reading device to perform signature verification on the card searching request signature value, and utilizes a first authentication decryption key to decrypt the card searching request data ciphertext after the signature verification on the card searching request signature value is passed, so that the card searching request data are obtained. Therefore, if the signature verification is passed, the first resident certificate card verification safety control device confirms that the identity of the resident certificate card reading device is legal, and the first resident certificate card verification safety control device executes the step of sending the card searching response to the resident certificate card reading device.
As an optional implementation manner of this embodiment, after receiving the card searching request, the first device for controlling verification of the resident identification card verifies the received certificate of the resident identification card reading device by using the root certificate, so as to prevent an illegal party from tampering with the public key in the certificate of the resident identification card reading device, thereby implementing security authentication on the resident identification card reading device, and improving the security of interaction between the two parties.
In this embodiment, the first authentication decryption key is the same key as the first authentication encryption key in step S105, that is, a symmetric key, and is pre-embedded in the first resident certificate card verification security control device and the resident certificate card reading device. The resident certificate card reading device uses the symmetric key to encrypt the data it sends to the first resident certificate card verification security control device for the first time, and the first resident certificate card verification security control device uses the symmetric key to decrypt the data it receives from the resident certificate card reading device for the first time, thereby ensuring the security of the first data transmission between the resident certificate card reading device and the first resident certificate card verification security control device. Optionally, the first authentication encryption key and the first authentication decryption key are stored in a key database, and the first resident identification card verification security control device may read the first authentication decryption key from the key database and store the first authentication encryption key and the first authentication decryption key locally in the first resident identification card verification security control device. The resident identification card reading device can also read the first authentication encryption key from the key database and store the first authentication encryption key locally in the resident identification card reading device.
In order to implement the identity authentication of the resident certificate card reading device on the first resident certificate card verification security control device in the card searching process, as an optional implementation manner, the card searching response at least carries second identity authentication data, so that the resident certificate card reading device can authenticate the identity of the first resident certificate card verification security control device by using the second identity authentication data after receiving the card searching response, and only after the authentication is passed, the resident certificate card reading device can acquire the card searching response data and then return card searching confirmation data to the first resident certificate card verification security control device (i.e., step S108), so that the resident certificate card reading device confirms that the identity of the first resident certificate card verification security control device is legal in the card searching process.
For example, after the first resident certificate card verification security control device receives a card searching request sent by the resident certificate card reading device and the identity authentication of the resident certificate card reading device passes, it encrypts the card searching response data with the first authentication encryption key to obtain a card searching response data ciphertext, and signs the card searching response data ciphertext with the private key of the first resident certificate card verification security control device to obtain a card searching response signature value; the second identity authentication data can comprise the card searching response data ciphertext, the card searching response signature value and a certificate of the first resident certificate card verification security control device. Encrypting the card searching response data with the first authentication encryption key before transmitting it to the resident certificate card reading device ensures the security of the card searching response data in network transmission, and because the first resident certificate card verification safety control equipment signs the card searching response data ciphertext with the private key it stores, illegal parties can be prevented from tampering with the card searching response data ciphertext. As an optional implementation manner of this embodiment, the card searching response data may include a timestamp and/or single-time authentication data; for the specific description of the single-time authentication data, refer to the description of the single-time authentication data in the card searching request data in step S105, which is not repeated here.
The certificate of the first resident certificate card verification safety control device comprises the public key of the first resident certificate card verification safety control device. The private key and the public key of the first resident certificate card verification safety control device form an asymmetric key pair, which is used for signing and verifying data transmitted from the first resident certificate card verification safety control device to the resident certificate card reading device.
S107, the resident certificate card reading device receives a card searching response sent by the first resident certificate card verification safety control device, and card searching response data are obtained;
Based on the second identity authentication data carried in the card search response in step S106, in this step, as an optional implementation manner, after the resident identification card reading device receives the card search response sent by the first resident identification card verification security control device and before it acquires the card search response data, the method provided in this embodiment further includes: the resident certificate card reading device authenticates the identity of the first resident certificate card verification safety control device according to the second identity authentication data and, when the authentication passes, executes the step of acquiring the card searching response data.
In step S106, for example, the identity of the first resident identification card verification security control device is authenticated by the resident identification card reading device, which may be as follows: and the resident certificate card reading device receives the card searching response, verifies the signature of the card searching response signature value by using a certificate of the first resident certificate card verification safety control device, and decrypts the card searching response data ciphertext by using the first authentication decryption key after the card searching response signature value is verified to pass, so that the card searching response data is obtained. Therefore, if the signature verification is passed, the resident identification card reading device confirms that the identity of the first resident identification card verification security control device is legal, and the resident identification card reading device executes the operation of acquiring the card searching response data, and further executes the step of sending the card searching confirmation data to the first resident identification card verification security control device (S108).
As an optional implementation manner of this embodiment, after receiving the card-seeking response, the resident certificate card reading device verifies the received certificate of the first resident certificate card verification security control device by using the root certificate, so as to prevent an illegal party from tampering with the public key in the certificate of the first resident certificate card verification security control device, implement security authentication on the first resident certificate card verification security control device, and improve the security of interaction between the two parties.
In this step, the first authentication decryption key is the same key as the first authentication encryption key in step S106, that is, a symmetric key, and is previously built in the first resident identification card verification security control device and the resident identification card reading device, the same key as the symmetric key in step S105 and step S106 may be used, or a symmetric key separately provided may be used, and may be stored locally in both devices, or may be stored in a key database, and is acquired from the key database when necessary.
S108, the resident certificate card reading device determines that the card searching response data are response data responding to the card searching request, and sends the card searching confirmation data to the first resident certificate card verification safety control equipment;
The resident certificate card reading device thereby completes the card searching process (steps S101-S108). Mutual authentication between the resident certificate card reading device and the first resident certificate card verification safety control device is completed in the card searching process, which guarantees that both devices in the card searching process are legal devices; the subsequent process can be entered only after the authentication of both devices has passed, and the resident certificate card can be identified through the first resident certificate card verification safety control device in the card searching process. After the card searching process is finished, the card selecting process is entered, in which the first resident certificate card verification safety control equipment confirms which resident certificate card is read. As an optional implementation manner of this embodiment, after the step S108, the following implementation steps (steps S109 to S115) of the card selection flow are further included:
S109, the resident certificate card reading device sends a card selecting instruction to the resident certificate card;
S110: the resident certificate card reading device receives card selection confirmation data sent by the resident certificate card, wherein the card selection confirmation data at least comprises unique identification information of the resident certificate card;
The unique identification information of the resident certificate card can uniquely identify the identity of the resident; for example, the unique identification information can be a resident certificate card number, a driver's license number, a student number and the like, and can also be a resident photo, a fingerprint and the like. With the card selection confirmation data, the resident certificate card reading device confirms that it communicates only with this resident certificate card, that is, only this resident certificate card is selected and no communication takes place with other nearby cards.
S111: the resident certificate card reading device sends a card selection request to the first resident certificate card verification safety control equipment through a network;
In this embodiment, because the first resident identification card verification security control device is located remotely from the resident identification card reading device, the resident identification card reading device cannot be connected to it directly by wire; it can be connected to the first resident identification card verification security control device through a wireless connection (for example Wi-Fi, Bluetooth, infrared, NFC, etc.) or through a remote network.
In this embodiment, in order to ensure that the information of the resident identification card is read out safely, in the card selecting process, mutual authentication can be performed again between the resident identification card reading device and the first resident identification card verification security control device, and if the authentication is passed, it indicates that the identity is legal, and the subsequent process is allowed to be performed. As an optional implementation manner in this embodiment, the card selection request carries third identity authentication data, so that after the first residential certificate card verification security control device receives the card selection request, the third identity authentication data can be used to authenticate the identity of the residential certificate card reading device, and only after the authentication is passed, the first residential certificate card verification security control device returns a card selection request response to the residential certificate card reading device (i.e., step S112), so that the first residential certificate card verification security control device confirms that the identity of the residential certificate card reading device is legal in the card selection process.
For example, the resident certificate card reading device may encrypt the card selection request data by using the second authentication encryption key after receiving the card selection confirmation data sent by the resident certificate card to obtain a card selection request data cipher text, and sign the card selection request data cipher text by using a private key of the resident certificate card reading device to obtain a card selection request signature value; the third identity authentication data may include a card selection request data cipher text and a card selection request signature value so as to facilitate the verification of the first resident certificate card verification security control device. The second authentication encryption key in this step may be the same key as the first authentication encryption key in step S105, or may be a different key, and the security of the card selection request data in network transmission may be ensured by encrypting the card selection request data with the second authentication encryption key and transmitting the encrypted card selection request data to the first resident certificate card verification security control device. As an optional implementation manner of this embodiment, the card selection request data may include a timestamp and/or single authentication data, which is similar to the content of the card searching request data in step S105 and is not described herein again.
S112, the first resident identification card verification safety control device receives the card selection request and sends a card selection request response to the resident identification card reading device through the network;
Based on the third identity authentication data carried in the card selection request in step S111, in this step, as an optional implementation manner, after the first residential certificate card verification security control device receives the card selection request and before it sends a card selection request response to the residential certificate card reading device, the method provided in this embodiment further includes: the first resident certificate card verification safety control equipment authenticates the identity of the resident certificate card reading device according to the third identity authentication data carried in the card selection request and, when the authentication passes, executes the step of sending a card selection request response to the resident certificate card reading device through the network.
In step S111, for example, the first resident identification card verification security control device authenticates the identity of the resident identification card reading device, which may be as follows: the first resident certificate card verification safety control device receives the card selection request, utilizes the certificate of the resident certificate card reading device to perform signature verification on the card selection request signature value, and utilizes the second authentication decryption key to decrypt the card selection request data ciphertext after the signature verification on the card selection request signature value is passed, so that the card selection request data are obtained. Therefore, if the signature verification is passed, the first resident certificate card verification safety control device confirms that the identity of the resident certificate card reading device is legal, and the first resident certificate card verification safety control device executes the step of sending the card selection response to the resident certificate card reading device.
In this embodiment, the second authentication decryption key is the same key as the second authentication encryption key in step S111, that is, a symmetric key, and the second authentication encryption key and the second authentication decryption key may be embedded in the first resident identification card verification security control device and the resident identification card reading apparatus in advance, or may be stored in the key database and acquired from the key database when necessary.
In order to realize the identity authentication of the resident certificate card reading device on the first resident certificate card verification safety control device in the card selection process, as an optional implementation mode, the card selection request response at least carries fourth identity authentication data; and after receiving the card selection request response, the resident certificate card reading device can authenticate the identity of the first resident certificate card verification security control device by using the fourth identity authentication data, and only after the authentication is passed, the resident certificate card reading device returns card selection confirmation data to the first resident certificate card verification security control device (namely step S114), so that the resident certificate card reading device confirms that the identity of the first resident certificate card verification security control device is legal in the card selection process.
For example, after the first resident certificate card verification security control device receives a card selection request sent by the resident certificate card reading device and the identity authentication of the resident certificate card reading device passes, it encrypts the card selection request response data with the second authentication encryption key to obtain a card selection request response data ciphertext, and signs the card selection request response data ciphertext with the private key of the first resident certificate card verification security control device to obtain a card selection request response signature value; the fourth authentication data may include the card selection request response data ciphertext and the card selection request response signature value. Because the first resident certificate card verification security control equipment signs the card selection request response data ciphertext with the private key it stores, illegal parties can be prevented from tampering with the card selection request response data ciphertext. As an optional implementation manner of this embodiment, the card selection response data may include a timestamp and/or single authentication data, and the specific description of the single authentication data may refer to the description of the single authentication data in the card selection request data in step S105, which is not described herein again.
S113, the resident identification card reading device receives a card selection request response sent by the first resident identification card verification safety control device, and card selection request response data are obtained;
Based on the fourth authentication data carried in the card selection request response in step S112, in this step, as an optional implementation manner, after the resident identification card reading device receives the card selection request response sent by the first resident identification card verification security control device and before it acquires the card selection request response data, the method provided in this embodiment further includes: the resident certificate card reading device authenticates the identity of the first resident certificate card verification safety control device according to the fourth identity authentication data and, when the authentication passes, executes the step of acquiring card selection request response data.
In step S112, for example, the identity of the first resident identification card verification security control device is authenticated by the resident identification card reading device, which may be as follows: the resident certificate card reading device verifies the received card selection request response signature value by using a certificate of the first resident certificate card verification safety control device, and decrypts the received card selection request response data ciphertext by using a second authentication decryption key after the verification of the card selection request response signature value is passed, so as to obtain card selection request response data. Therefore, if the signature verification is passed, the resident identification card reading device confirms that the identity of the first resident identification card verification security control device is legal, and the resident identification card reading device performs the operation of acquiring the card selection response data, and further performs the step of sending the card selection confirmation data to the first resident identification card verification security control device (S114).
In this step, the second authentication decryption key is the same key as the second authentication encryption key in step S112, that is, a symmetric key, and is previously built in the first resident identification card verification security control device and the resident identification card reading device, and the same key as the symmetric key in step S111 and step S112 may be used, or a symmetric key separately provided may be used, and may be stored locally in both devices, or may be stored in a key database, and is acquired from the key database when necessary.
S114, the resident certificate card reading device determines that the card selection request response data is response data aiming at the card selection request, and sends card selection confirmation data to the first resident certificate card verification safety control equipment;
The resident certificate card reading device thereby completes the card selecting process. Mutual authentication between the resident certificate card reading device and the first resident certificate card verification safety control device is completed in the card selecting process, both devices in the card selecting process are legal devices, and the subsequent process can be entered only after the authentication of both sides has passed. After the card selecting process is finished, the card reading process is entered, in which the first resident certificate card verification safety control device reads the plaintext of the resident certificate card information from the resident certificate card. After step S114, the card reading process is started, and specifically includes the following steps (steps S115 to S121):
S115, the resident certificate card reading device sends a card reading instruction to the resident certificate card;
S116, the resident certificate card reading device receives card reading confirmation data returned by the resident certificate card;
S117, the resident certificate card reading device sends a card reading request to the first resident certificate card verification safety control device, wherein the card reading request is used for indicating the first resident certificate card verification safety control device to start a process of reading resident certificate card information;
In this embodiment, in order to ensure that the information of the resident certificate card is read out safely, in the card reading process the first resident certificate card verification safety control device may further perform identity authentication on the resident certificate card reading device again. If the authentication passes, the identity is legal, the card reading request sent by the resident certificate card reading device may be responded to, and the certificate card information read out from the resident certificate card is sent to the resident certificate card reading device. As an optional implementation manner in this embodiment, the card reading request at least carries fifth identity authentication data; after the first resident certificate card verification safety control device receives the card reading request, the identity of the resident certificate card reading device can be authenticated by using the fifth identity authentication data, and only after the authentication is passed does the first resident certificate card verification safety control device start a process of reading the resident certificate card information (namely step S118), so that the first resident certificate card verification safety control device confirms that the identity of the resident certificate card reading device is legal in the card reading process, and the certificate card information in the resident certificate card is ensured to be read out safely.
For example, after receiving the card reading confirmation data sent by the resident certificate card, the resident certificate card reading device encrypts the card reading request data by using the third authentication encryption key to obtain a card reading request data ciphertext, and signs the card reading request data ciphertext by using a private key of the resident certificate card reading device to obtain a card reading request signature value; the fifth identity authentication data can comprise a card reading request data ciphertext and a card reading request signature value so as to facilitate the verification of the first resident certificate card verification security control device. The third authentication encryption key in this step may be the same key as the first authentication encryption key and the second authentication encryption key in steps S105 and S111, or may be a different key, and the card reading request data is encrypted by using the third authentication encryption key and then transmitted to the first resident certificate card verification security control device, so that the security of the card reading request data in network transmission can be ensured. As an optional implementation manner of this embodiment, the card reading request data may include a timestamp and/or single authentication data, which is similar to the content of the card searching request data in step S105 and is not described herein again.
S118, the first resident certificate card verification safety control device receives the card reading request and starts a process of reading resident certificate card information;
Based on the fifth authentication data carried in the card reading request in step S117, in this step, as an optional implementation manner, after the first resident certificate card verification security control device receives the card reading request and before it starts a process of reading information of the resident certificate card, the method provided in this embodiment further includes: the first resident certificate card verification safety control equipment authenticates the identity of the resident certificate card reading device according to the fifth identity authentication data carried in the card reading request and, when the authentication passes, starts a flow for reading the resident certificate card information.
In step S117, for example, the first resident identification card verification security control device authenticates the identity of the resident identification card reading device, which may be as follows: the first resident certificate card verification safety control device receives the card reading request, utilizes the certificate of the resident certificate card reading device to perform signature verification on the card reading request signature value, and utilizes the third authentication decryption key to decrypt the card reading request data ciphertext after the card reading request signature value passes the signature verification, so that the card reading request data is obtained. Therefore, if the signature verification is passed, the first resident certificate card verification safety control device confirms that the identity of the resident certificate card reading device is legal, and the first resident certificate card verification safety control device starts to read the resident certificate card information.
In this embodiment, the third authentication decryption key is the same key as the third authentication encryption key in step S117, that is, a symmetric key, and the third authentication encryption key and the third authentication decryption key may be embedded in the first resident identification card verification security control device and the resident identification card reading apparatus in advance, or may be stored in a key database and acquired from the key database when necessary.
S119, the resident certificate card reading device transmits interactive information between the first resident certificate card verification safety control device and the resident certificate card in the process that the first resident certificate card verification safety control device reads the resident certificate card information;
S120, the resident certificate card reading device receives resident certificate card information sent by the first resident certificate card verification safety control equipment after the resident certificate card information stored in the resident certificate card is read;
As an alternative implementation, in step S118, before the first resident certificate card verification security control device starts the process of reading the resident certificate card information, the method provided by this embodiment further includes: the resident certificate card reading device negotiates with the first resident certificate card verification safety control device, so that both obtain a session key. The session key may be one random number or a string of random numbers, one random character or a string of random characters, or any combination of a string of random numbers and random characters. After the resident identification card reading device and the first resident identification card verification security control device obtain the session key, the method provided by this embodiment further includes: in subsequent communication between the resident identification card reading device and the first resident identification card verification safety control device, each side uses the session key to encrypt the data it sends and to decrypt the data it receives. Encrypting and decrypting data with the session key protects data transmission during the card reading process. In addition, because the session key is randomly generated, it is not easy for malicious parties to steal. Because the session key takes the form of random numbers, and the random numbers used for each data transmission are different, the security of data transmission between the resident certificate card reading device and the first resident certificate card verification security control device is further improved.
Therefore, the resident certificate card reading device completes the card reading process, and finally obtains resident certificate card information stored in the resident certificate card through interaction with the first resident certificate card verification safety control device.
S121, the resident certificate card reading device sends the resident certificate card information to the terminal.
In a specific implementation, after the first resident certificate card verification safety control device reads the resident certificate card information stored in the resident certificate card, it sends the information it has read to the resident certificate card reading device. To make the information easy to check, a display device can be provided on the resident certificate card reading device to display it, or the resident certificate card reading device can display it on the screen of another device: for example, the resident certificate card information is sent to the terminal and displayed by the terminal, or it is sent (directly or through the terminal) to a display device and displayed there. In addition, so that the resident certificate card information can be obtained directly when it needs to be presented later, the resident certificate card reading device can also send the information to the terminal and/or a storage device, which then stores it, and/or the terminal can send the information to the storage device for storage. The resident certificate card reading device can also store the received resident certificate card information itself and, to keep the stored information secure, can encrypt it before storing it.
Therefore, in the method for reading the resident certificate card provided by the embodiment of the invention, the resident certificate card reading device can assist the first resident certificate card verification safety control device to acquire resident certificate card information from the resident certificate card, and when a plurality of resident certificate card reading devices are arranged, each resident certificate card reading device is connected with the first resident certificate card verification safety control device, so that the utilization rate of the first resident certificate card verification safety control device can be improved.
Example 4
Based on the foregoing embodiments 1 to 2, fig. 5 shows a schematic structural diagram of an actual application scenario of the system for reading resident identification card information provided in this embodiment. As shown in fig. 5, the system mainly includes: a plurality of resident identification card reading devices 70, a plurality of resident identification card verification safety control devices 90 connected with the plurality of resident identification card reading devices 70, a front-end terminal 60 is correspondingly configured for each resident identification card reading device 70, and the front-end terminal 60 also comprises a plurality of resident identification card verification safety control devices (not all front-end terminals are shown in the figure). Of course, the system for reading resident identification card information may also include the electronic signature device 80 as needed.
Each resident identification card reading device 70 may be provided with two communication interfaces (wired interfaces such as a USB interface, a serial interface or an earphone interface, or wireless interfaces such as Bluetooth or Wi-Fi), and may be connected to the front-end terminal 60 and the resident identification card verification security control device 90, respectively. Each resident identification card reading device 70 can communicate with the resident identification card, for example by radio frequency, and can also communicate with the resident identification card verification security control device 90; the data exchanged between the resident identification card and the resident identification card verification security control device 90 is relayed through the resident identification card reading device 70. In this embodiment, the front-end terminal is a device capable of communicating and sending instructions, such as a PC, a PAD (tablet computer), a smart phone, a smart wearable device, or an electronic signature device (e.g., ICBC's U-Shield, Agricultural Bank of China's K-Bao, etc.).
In order to provide the resident certificate card information without carrying the resident certificate card in subsequent use, the resident certificate card information is sent to the electronic signature device 80 for storage after the resident certificate card reading device 70 and/or the front terminal 60 acquires the resident certificate card information, and of course, the electronic signature device 80 can directly store the resident certificate card information and also can encrypt and store the resident certificate card information for ensuring the safety. If the resident certificate card information needs to be read from the electronic signature device 80, the resident certificate card information can be read after the holder of the electronic signature device 80 agrees, for example, the holder of the electronic signature device 80 inputs a correct PIN code.
The front-end terminal 60 corresponds to the resident certificate card reading device 70 one by one, and the embodiment takes the front-end terminal M and the resident certificate card reading device M as an example, and provides a flow for acquiring resident certificate card information by one resident certificate card reading device (the resident certificate card reading device M) in a plurality of resident certificate card reading devices, and the acquisition flows of other resident certificate card reading devices are also similar, and the specific flow is as follows:
S201, the front-end terminal M sends an operation request to the resident certificate card reading device M.
The operation request sent by the front-end terminal M is a trigger operation for waking up the resident certificate card reading device M, and the resident certificate card reading device M enters a working state after receiving the operation request. In practical application, when the resident identification card enters the field range of the resident identification card reading device, the resident identification card reading device can sense the resident identification card.
S202, the resident identification card reading means M selects a first resident identification card verification security control device (for example, the resident identification card verification security control device 2) from the plurality of resident identification card verification security control devices.
In practical applications, the resident identification card reading device M can select the first resident identification card verification security control device by one of the following methods:
selecting the first resident certificate card verification safety control device from the plurality of resident certificate card verification safety control devices according to a prestored correspondence between the resident certificate card reading device and the first resident certificate card verification safety control device;
selecting a resident certificate card verification safety control device whose current working state is idle as the first resident certificate card verification safety control device.
After selecting the corresponding resident certificate card verification security control device, the processes of searching for, selecting and reading the card may be started, specifically including steps S203 to S222, where the processes of searching for, selecting and reading the card may refer to the steps in the method for reading the resident certificate information provided in embodiment 3, and steps S203 to S222 in this embodiment correspond to steps S102 to S121 in embodiment 3, and are not described herein again.
According to the technical scheme provided by the invention, the SAM module is removed from the resident certificate card reading device, the resident certificate card reading device can only communicate with the resident certificate card, and the resident certificate card information needs to be read by the resident certificate card verification safety control equipment arranged at the background, so that the cost of the resident certificate card reading device can be reduced, and a plurality of resident certificate card reading devices can be verified by the same resident certificate card verification safety control equipment, so that the utilization rate of the resident certificate card verification safety control equipment is improved.
Example 5
Taking a resident identification card as an example, the embodiment of the invention provides an optional method for reading the information of the resident identification card. Fig. 6 is a flowchart of the method for reading the resident identification card information according to the embodiment, and as shown in fig. 6, the method includes the following steps S301 to S328:
S301: the terminal sends an operation request to the resident identification card reading device;
S302: the resident certificate card reading device sends a card searching instruction to the resident identification card;
S303: the resident identification card receives the card searching instruction and sends card searching confirmation data to the resident identification card reading device;
S304: the resident certificate card reading device encrypts the card searching request data d1 by using the session key to obtain a card searching request data ciphertext D1, and signs the card searching request data ciphertext D1 by using a private key of the resident certificate card reading device to obtain a card searching request signature value SD1;
S305: the resident certificate card reading device sends a card searching request to the first resident certificate card verification security control device, wherein the card searching request comprises the card searching request data ciphertext D1, the card searching request signature value SD1 and a certificate of the resident certificate card reading device;
S306: the first resident certificate card verification security control device receives the card searching request, uses the certificate of the resident certificate card reading device to verify the card searching request signature value SD1, and, after the card searching request signature value SD1 passes verification, decrypts the card searching request data ciphertext D1 by using the session key to obtain the card searching request data d1, and generates card searching response data rd1;
S307: the first resident certificate card verification security control device encrypts the card searching request response data rd1 by using the session key to obtain a card searching request response data ciphertext RD1, and signs the card searching request response data ciphertext RD1 by using a private key of the first resident certificate card verification security control device to obtain a card searching request response signature value SRD1;
S308: the first resident identification card verification security control equipment sends a card searching request response to the resident identification card reading device, wherein the card searching request response comprises: the card searching request response data ciphertext RD1, the card searching request response signature value SRD1 and the certificate of the first resident certificate card verification security control device;
S309: the resident certificate card reading device verifies the received card searching request response signature value SRD1 by using the certificate of the first resident certificate card verification security control device, and, after the card searching request response signature value SRD1 passes verification, decrypts the received card searching request response data ciphertext RD1 by using the session key to obtain the card searching request response data rd1.
S310: the resident certificate card reading device sends card searching confirmation data to the first resident certificate card verification safety control device.
S301-S310 finish the card searching process, and after the card searching process is finished, the card selecting process is also included, and the first resident certificate card verification safety control device can confirm which resident certificate card is read through the card selecting process. As an optional implementation manner of this embodiment, after the step S310, the following implementation steps (S311-S319) of the card selection process are further included:
S311: after the resident certificate card reading device obtains the card searching request response data rd1, it sends a card selecting instruction to the resident identification card;
S312: the resident identification card receives the card selecting instruction and sends card selecting confirmation data to the resident identification card reading device, wherein the card selecting confirmation data at least comprises a serial number of the resident identification card;
S313: the resident certificate card reading device receives the card selection confirmation data, encrypts the card selection request data d2 by using the session key to obtain a card selection request data ciphertext D2, and signs the card selection request data ciphertext D2 by using a private key of the resident certificate card reading device to obtain a card selection request signature value SD2;
S314: the resident certificate card reading device sends a card selection request to the first resident certificate card verification security control device, wherein the card selection request comprises the card selection request data ciphertext D2 and the card selection request signature value SD2;
S315: the first resident certificate card verification security control device receives the card selection request, uses the certificate of the resident certificate card reading device to verify the card selection request signature value SD2, and, after the card selection request signature value SD2 passes verification, decrypts the card selection request data ciphertext D2 by using the session key to obtain the card selection request data d2, and generates card selection response data rd2;
S316: the first resident certificate card verification security control device encrypts the card selection request response data rd2 by using the session key to obtain a card selection request response data ciphertext RD2, and signs the card selection request response data ciphertext RD2 by using a private key of the first resident certificate card verification security control device to obtain a card selection request response signature value SRD2;
S317: the first resident identification card verification security control device sends a card selection request response to the resident identification card reading device, wherein the card selection request response comprises: the card selection request response data ciphertext RD2 and the card selection request response signature value SRD2;
S318: the resident certificate card reading device verifies the received card selection request response signature value SRD2 by using a certificate of the first resident certificate card verification security control device, and, after the card selection request response signature value SRD2 passes verification, decrypts the received card selection request response data ciphertext RD2 by using the session key to obtain the card selection request response data rd2;
S319: the resident certificate card reading device sends card selection confirmation data to the first resident identification card verification safety control device.
After the card selecting process is finished, the card reading process is started, and the card reading process of the resident certificate card reading device comprises the following steps (S320-S328):
S320: the resident certificate card reading device sends a card reading instruction to the resident identification card;
S321: the resident identification card receives the card reading instruction and sends card reading confirmation data to the resident identification card reading device;
S322: the resident certificate card reading device encrypts the card reading request data d3 by using the session key to obtain a card reading request data ciphertext D3, and signs the card reading request data ciphertext D3 by using a private key of the resident certificate card reading device to obtain a card reading request signature value SD3, wherein the card reading request data d3 at least comprises a ciphertext E1 of the identity card information;
S323: the resident certificate card reading device sends a card reading request to the first resident certificate card verification security control device, wherein the card reading request comprises the card reading request data ciphertext D3 and the card reading request signature value SD3;
S324: the first resident certificate card verification security control device receives the card reading request, uses the certificate of the resident certificate card reading device to verify the card reading request signature value SD3, and, after the card reading request signature value SD3 passes verification, decrypts the card reading request data ciphertext D3 by using the session key to obtain the card reading request data d3;
S325: the first resident certificate card verification security control equipment decrypts the ciphertext E1 of the identity card information in the card reading request data d3 to obtain the plaintext e1 of the identity card information, and encrypts the plaintext e1 of the identity card information by using the session key to obtain a second identity card information ciphertext E2;
S326: the first resident certificate card verification security control equipment sends a card reading request response to the resident certificate card reading device, wherein the card reading request response comprises: the second identity card information ciphertext E2;
S327: the resident certificate card reading device receives the card reading request response, and decrypts the second identity card information ciphertext E2 by using the session key to obtain the plaintext e1 of the identity card information;
S328: the resident certificate card reading device sends the plaintext e1 of the identity card information to the terminal.
In this embodiment, the resident certificate card reading device is not provided with a verification security control module. The first resident certificate card verification security control device is located at a remote end and can decrypt the ciphertext data read from the resident certificate card. Any user can access the remote first resident certificate card verification security control device through a wireless network to read the resident certificate card, which greatly reduces the user's implementation cost, particularly in industries such as banks, stations and insurance that need to read resident certificate card information: only a corresponding number of resident certificate card reading devices without the SAM module need to be deployed.
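The encrypt-then-sign envelope of S304-S309 (reused for card selection and card reading), sketched in Go as an added example that is not code from the patent. The patent names no algorithms, so AES-256-GCM for the session-key encryption and Ed25519 for the signature are assumptions, the certificate is reduced to a pinned public key, and `Envelope`, `Party`, `Seal` and `Open` are hypothetical names.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/ed25519"
	"crypto/rand"
	"errors"
	"fmt"
)

// Envelope models the request of S305 / the response of S308: a ciphertext,
// a signature over that ciphertext, and the sender's public key (standing in
// for the certificate the patent transmits; an assumption of this sketch).
type Envelope struct {
	Ciphertext []byte
	Signature  []byte
	SenderPub  ed25519.PublicKey
}

// Party holds one side's signing key pair (reading device or verification device).
type Party struct {
	Priv ed25519.PrivateKey
	Pub  ed25519.PublicKey
}

var (
	ErrUntrusted = errors.New("sender key is not the trusted key")
	ErrBadSig    = errors.New("signature verification failed")
	ErrShort     = errors.New("ciphertext shorter than nonce")
)

func NewParty() (Party, error) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	return Party{Priv: priv, Pub: pub}, err
}

// NewSessionKey stands in for the negotiated session key: 32 random bytes.
func NewSessionKey() ([]byte, error) {
	key := make([]byte, 32)
	_, err := rand.Read(key)
	return key, err
}

func newGCM(sessionKey []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(sessionKey)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Seal follows S304/S307: encrypt with the session key, then sign the
// ciphertext with the sender's private key.
func Seal(sessionKey []byte, sender Party, plaintext []byte) (Envelope, error) {
	gcm, err := newGCM(sessionKey)
	if err != nil {
		return Envelope{}, err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return Envelope{}, err
	}
	ct := gcm.Seal(nonce, nonce, plaintext, nil) // nonce || ciphertext || tag
	return Envelope{ct, ed25519.Sign(sender.Priv, ct), sender.Pub}, nil
}

// Open follows S306/S309: check the presented key against the trusted one,
// verify the signature over the ciphertext, and only then decrypt.
func Open(sessionKey []byte, trusted ed25519.PublicKey, env Envelope) ([]byte, error) {
	if !trusted.Equal(env.SenderPub) {
		return nil, ErrUntrusted
	}
	if !ed25519.Verify(env.SenderPub, env.Ciphertext, env.Signature) {
		return nil, ErrBadSig
	}
	gcm, err := newGCM(sessionKey)
	if err != nil {
		return nil, err
	}
	n := gcm.NonceSize()
	if len(env.Ciphertext) < n {
		return nil, ErrShort
	}
	return gcm.Open(nil, env.Ciphertext[:n], env.Ciphertext[n:], nil)
}

func main() {
	reader, _ := NewParty()
	key, _ := NewSessionKey()
	// Constructed sample payload standing in for card searching request data d1.
	req, _ := Seal(key, reader, []byte("card-search request d1"))
	d1, err := Open(key, reader.Pub, req)
	fmt.Printf("verification device recovered %q, err=%v\n", d1, err)
	req.Ciphertext[len(req.Ciphertext)-1] ^= 0x01 // modified in transit
	_, err = Open(key, reader.Pub, req)
	fmt.Println("tampered request:", err)
}
```

The key check before signature verification is the step the flow leaves implicit: a signature that verifies under a key supplied in the same message authenticates nothing unless that certificate is validated against a trust anchor first.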
Any process or method descriptions in flow charts or otherwise described herein may be understood as representing modules, segments, or portions of code which include one or more executable instructions for implementing specific logical functions or steps of the process, and alternate implementations are included within the scope of the preferred embodiment of the present invention in which functions may be executed out of order from that shown or discussed, including substantially concurrently or in reverse order, depending on the functionality involved, as would be understood by those reasonably skilled in the art of the present invention.
It should be understood that portions of the present invention may be implemented in hardware, software, firmware, or a combination thereof. In the above embodiments, the various steps or methods may be implemented in software or firmware stored in memory and executed by a suitable instruction execution system. For example, if implemented in hardware, as in another embodiment, any one or combination of the following techniques, which are known in the art, may be used: a discrete logic circuit having a logic gate circuit for implementing a logic function on a data signal, an application specific integrated circuit having an appropriate combinational logic gate circuit, a Programmable Gate Array (PGA), a Field Programmable Gate Array (FPGA), or the like.
It will be understood by those skilled in the art that all or part of the steps carried by the method for implementing the above embodiments may be implemented by hardware related to instructions of a program, which may be stored in a computer readable storage medium, and when the program is executed, the program includes one or a combination of the steps of the method embodiments.
In addition, functional units in the embodiments of the present invention may be integrated into one processing module, or each unit may exist alone physically, or two or more units are integrated into one module. The integrated module can be realized in a hardware mode, and can also be realized in a software functional module mode. The integrated module, if implemented in the form of a software functional module and sold or used as a stand-alone product, may also be stored in a computer readable storage medium.
The storage medium mentioned above may be a read-only memory, a magnetic or optical disk, etc.
In the description herein, references to the description of the term "one embodiment," "some embodiments," "an example," "a specific example," or "some examples," etc., mean that a particular feature, structure, material, or characteristic described in connection with the embodiment or example is included in at least one embodiment or example of the invention. In this specification, the schematic representations of the terms used above do not necessarily refer to the same embodiment or example. Furthermore, the particular features, structures, materials, or characteristics described may be combined in any suitable manner in any one or more embodiments or examples.
Although embodiments of the present invention have been shown and described above, it is understood that the above embodiments are exemplary and should not be construed as limiting the present invention, and that variations, modifications, substitutions and alterations can be made in the above embodiments by those of ordinary skill in the art without departing from the principle and spirit of the present invention. The scope of the invention is defined by the appended claims and equivalents thereof.

Claims (22)

1. A method for reading resident certificate card information, comprising:
step 1, a terminal sends an operation request to a resident certificate card reading device;
step 2, after the resident certificate card reading device receives the operation request sent by the terminal, periodically broadcasting a card searching instruction;
step 3, the resident certificate card reading device receives a response message returned by the resident certificate card;
step 4, the resident certificate card reading device judges that the response message is card searching confirmation data aiming at the card searching instruction;
step 5, the resident certificate card reading device stops broadcasting the card searching instruction and sends a card searching request to the first resident certificate card verification safety control equipment through the network, wherein the card searching request comprises an identification, a time stamp and/or single authentication data of the resident certificate card reading device; the single authentication data comprises a count value and/or a random factor generated by a counter of the resident certificate card reading device; if the single authentication data is the count value, the counter generates a count value every time the resident identification card reading device performs an information reading operation of the resident identification card, counting the card searching request; if the single authentication data is the random factor, the random factor is one or a string of random numbers or random characters; the identification of the resident certificate card reading device is a serial number of the resident certificate card reading device;
step 6, the first resident certificate card verification safety control equipment receives the card searching request and sends a card searching response to the resident certificate card reading device through a network, wherein the card searching response carries card searching response data;
step 7, the resident certificate card reading device receives the card searching response sent by the first resident certificate card verification safety control device, and obtains the card searching response data;
step 8, the resident certificate card reading device determines that the card searching response data is response data responding to the card searching request, and sends card searching confirmation data to the first resident certificate card verification safety control equipment;
step 9, the resident certificate card reading device sends a card selection instruction to the resident certificate card;
step 10, the resident certificate card reading device receives card selection confirmation data sent by the resident certificate card, wherein the card selection confirmation data at least comprises unique identification information of the resident certificate card;
step 11, the resident certificate card reading device sends a card selection request to the first resident certificate card verification safety control equipment through a network;
step 12, the first resident identification card verification safety control equipment receives the card selection request and sends a card selection request response to the resident identification card reading device through a network, wherein the card selection request response carries card selection request response data;
step 13, the resident identification card reading device receives a card selection request response sent by the first resident identification card verification safety control device, and card selection request response data is obtained;
step 14, the resident identification card reading device determines that the card selection request response data is response data for the card selection request, and sends card selection confirmation data to the first resident identification card verification safety control device;
step 15, the resident certificate card reading device sends a card reading instruction to the resident certificate card;
step 16, the resident certificate card reading device receives the card reading confirmation data returned by the resident certificate card;
step 17, the resident certificate card reading device sends a card reading request to the first resident certificate card verification safety control device, wherein the card reading request is used for indicating the first resident certificate card verification safety control device to start a process of reading resident certificate card information;
step 18, the first resident certificate card verification safety control equipment receives the card reading request and starts a process of reading resident certificate card information;
step 19, the resident certificate card reading device transmits interactive information between the first resident certificate card verification safety control device and the resident certificate card in the process that the first resident certificate card verification safety control device reads the resident certificate card information;
step 20, the resident certificate card reading device receives the resident certificate card information sent by the first resident certificate card verification safety control equipment after the resident certificate card information stored in the resident certificate card is read;
and step 21, the resident certificate card reading device sends the resident certificate card information to the terminal.
2. The method according to claim 1, wherein the card-searching request carries at least first identity authentication data;
before the first resident identification card verification security control device returns the card searching response to the resident identification card reading device, the method further comprises: and the first resident certificate card verification safety control equipment authenticates the identity of the resident certificate card reading device according to the first identity authentication data carried in the card searching request, and executes the step of returning the card searching response to the resident certificate card reading device under the condition that the identity passes the authentication.
3. The method according to claim 1 or 2, wherein the card-searching response carries at least second identity authentication data;
after the resident identification card reading device receives the card searching response sent by the first resident identification card verification security control device, before the card searching response data is acquired, the method further comprises the following steps: and the resident certificate card reading device authenticates the identity of the first resident certificate card verification safety control device according to the second identity authentication data, and executes the step of acquiring the card searching response data under the condition that the authentication is passed.
4. The method according to claim 1, wherein the card selection request carries third identity authentication data;
before the first resident identification card verification security control device sends a card selection request response to the resident identification card reading means after receiving the card selection request, the method further comprises: and the first resident certificate card verification safety control equipment authenticates the identity of the resident certificate card reading device according to third identity authentication data carried in the card selection request, and executes the step of sending a card selection request response to the resident certificate card reading device under the condition that the authentication is passed.
5. The method according to claim 1, wherein the card selection request response carries at least fourth identity authentication data;
after the resident identification card reading device receives the card selection request response sent by the first resident identification card verification security control device, before acquiring the card selection request response data, the method further includes: and the resident certificate card reading device authenticates the identity of the first resident certificate card verification safety control device according to the fourth identity authentication data, and executes the step of acquiring the card selection request response data under the condition that the authentication is passed.
6. The method according to claim 1, wherein at least fifth identity authentication data is carried in the card reading request;
after the first resident identification card verification security control device receives the card reading request, before the first resident identification card verification security control device starts a process of reading resident identification card information, the method further includes: and the first resident certificate card verification safety control equipment authenticates the identity of the resident certificate card reading device according to the fifth identity authentication data carried in the card reading request, and executes the step of starting the process of reading the resident certificate card information under the condition that the authentication is passed.
7. The method according to claim 1, wherein before the first resident certificate card verification security control device starts a process of reading resident certificate card information, the method further comprises: the resident certificate card reading device negotiates with the first resident certificate card verification safety control device, and the resident certificate card reading device and the first resident certificate card verification safety control device obtain a session key;
after the resident certificate card reading device and the first resident certificate card verification security control device obtain the session key, the method further includes: in the subsequent communication process of the resident identification card reading device and the first resident identification card verification security control device, the resident identification card reading device and the first resident identification card verification security control device respectively encrypt and decrypt the transmitted and received data by using the session key.
8. The method according to claim 1, wherein the resident certificate card reading device sends a card-seeking request to the first resident certificate card authentication security control device through a network, comprising: the resident certificate card reading device selects the first resident certificate card verification safety control device from a plurality of resident certificate card verification safety control devices, and sends the card searching request to the selected first resident certificate card verification safety control device.
9. The method as claimed in claim 8, wherein the resident certificate card reading means selects the first resident certificate card verification security control device from a plurality of resident certificate card verification security control devices comprises: the resident certificate card reading device selects the first resident certificate card verification safety control device from a plurality of resident certificate card verification safety control devices according to the corresponding relation between the resident certificate card reading device and the first resident certificate card verification safety control device which is stored in advance; or the resident certificate card reading device selects the resident certificate card verification safety control equipment with the current working state being idle as the first resident certificate card verification safety control equipment.
10. The method according to claim 1, wherein after the resident identification card reading device transmits the resident identification card information to the terminal, the method further comprises: the terminal displays the resident certificate card information, and/or the terminal sends the resident certificate card information to a storage device for storage.
11. A resident certificate card reading apparatus, comprising:
the third transceiver module is used for triggering the first transceiver module to periodically broadcast a card searching instruction after receiving an operation request sent by the terminal;
the first transceiving module is used for periodically broadcasting a card searching instruction and receiving a response message returned by the resident certificate card;
a first processing module, configured to determine whether the response message is card-searching confirmation data for the card-searching instruction and, if so, to notify the first transceiver module to stop broadcasting the card-searching instruction and to trigger the second transceiver module to send a card-searching request to the first resident certificate card verification security control device via the network, where the card-searching request includes an identifier, a timestamp, and/or single authentication data of the resident certificate card reading device; the single authentication data includes a count value and/or a random factor generated by a counter of the resident certificate card reading device; if the single authentication data is the count value, the counter generates a count value every time the resident certificate card reading device performs an information reading operation of the resident certificate card, and counts the card-searching request; if the single authentication data is the random factor, the random factor is one or a string of random numbers or random characters; and the identification of the resident certificate card reading device is the serial number of the resident certificate card reading device;
the second transceiver module is used for sending a card searching request to the first resident certificate card verification safety control device through a network and receiving a card searching response sent by the first resident certificate card verification safety control device, wherein the card searching response carries card searching response data;
the first processing module is further configured to obtain the card-searching response data, determine that the card-searching response data is response data responding to the card-searching request, and trigger the second transceiver module to send card-searching confirmation data to the first resident certificate card verification security control device;
the second transceiver module is further configured to send the card searching confirmation data to the first resident certificate card verification security control device through a network;
the first transceiver module is further configured to send a card selection instruction to the resident certificate card, and receive card selection confirmation data sent by the resident certificate card, where the card selection confirmation data at least includes unique identification information of the resident certificate card;
the second transceiving module is further configured to send a card selection request to the first resident certificate card verification security control device through a network, and receive a card selection request response sent by the first resident certificate card verification security control device, where the card selection request response carries card selection request response data;
the first processing module is further configured to acquire the card selection request response data, determine that the card selection request response data is response data for the card selection request, and trigger the second transceiver module to send card selection confirmation data to the first resident certificate card verification security control device;
the second transceiver module is further configured to send the card selection confirmation data to the first resident certificate card verification security control device;
the first transceiver module is further configured to send a card reading instruction to the resident certificate card and receive card reading confirmation data returned by the resident certificate card;
the second transceiving module is further configured to send a card reading request to the first resident certificate card verification security control device, where the card reading request is used to instruct the first resident certificate card verification security control device to start a process of reading resident certificate card information;
the first transceiver module is further configured to receive first interaction information sent by the resident certificate card to the resident certificate card verification security control device in a process of reading resident certificate card information by the first resident certificate card verification security control device, and transmit second interaction information sent by the first resident certificate card verification security control device to the resident certificate card;
the second transceiver module is further configured to send the first interaction information to the first resident certificate card verification security control device, and receive the second interaction information sent by the first resident certificate card verification security control device;
the second transceiver module is further configured to receive the resident certificate card information sent by the first resident certificate card verification security control device after the resident certificate card information stored in the resident certificate card is read;
and the third transceiver module is also used for sending the resident certificate card information to the terminal.
12. The apparatus of claim 11, wherein the first processing module is further configured to obtain first authentication data, and carry the first authentication data in the card-searching request.
13. The apparatus according to claim 11 or 12, wherein the card-seeking response carries at least second identity authentication data; the first processing module obtains the card searching response data in the following way: and authenticating the identity of the first resident certificate card verification safety control equipment according to the second identity authentication data, and acquiring the card searching response data under the condition that the authentication is passed.
14. The apparatus according to claim 11, wherein the first processing module is further configured to obtain third authentication data before the second transceiver module sends the card selection request to the first residential certificate card verification security control device, and to carry the third authentication data in the card selection request.
15. The apparatus according to claim 11, wherein the card selection request response carries at least fourth authentication data; the first processing module obtains the card selection request response data in the following mode: and authenticating the identity of the first resident certificate card verification safety control equipment according to the fourth identity authentication data, and acquiring the card selection request response data under the condition that the authentication is passed.
16. The apparatus according to claim 11, wherein the first processing module is further configured to, before the second transceiver module sends a card reading request to the first resident certificate card verification security control device, acquire fifth authentication data, and carry the fifth authentication data in the card reading request.
17. The apparatus of claim 11, further comprising: the key negotiation module is used for negotiating with the first resident certificate card verification security control device to obtain a session key before the second transceiver module sends the card reading request to the first resident certificate card verification security control device;
the second transceiver module sends the first interactive information to the first resident certificate card verification security control device in the following way: the second transceiver module encrypts the first interaction information by using the session key to obtain a first interaction information ciphertext, and sends the first interaction information ciphertext to the first resident certificate card verification safety control equipment;
the second transceiver module receives the second interaction information sent by the first resident certificate card verification safety control device, and receives the resident certificate card information sent by the first resident certificate card verification safety control device after it reads the resident certificate card information stored in the resident certificate card, in the following way: the second transceiver module decrypts a second interaction information ciphertext sent by the first resident certificate card verification safety control device by using the session key to obtain the second interaction information; and the second transceiver module decrypts the resident certificate card information ciphertext sent by the first resident certificate card verification safety control device by using the session key to obtain the resident certificate card information.
18. The apparatus according to claim 11, wherein the second transceiver module sends the card-searching request to the first resident certificate card verification security control device via the network by: and selecting the first resident certificate card verification safety control equipment from a plurality of resident certificate card verification safety control equipment, and sending the card searching request to the selected first resident certificate card verification safety control equipment through a network.
19. The apparatus according to claim 18, wherein the second transceiver module selects the first resident identification card verification security control device from a plurality of resident identification card verification security control devices by: selecting the first resident certificate card verification safety control equipment from a plurality of resident certificate card verification safety control equipment according to the corresponding relation between the resident certificate card reading device and the first resident certificate card verification safety control equipment which is stored in advance; or, selecting the resident certificate card verification safety control device with the current working state being idle as the first resident certificate card verification safety control device.
20. The apparatus of claim 11, further comprising: and the storage module is used for storing the resident certificate card information received by the second transceiver module.
21. A system for reading resident certificate card information, comprising: a terminal, a resident certificate card reading device and a first resident certificate card verification safety control device, wherein,
the terminal is used for sending an operation request to the resident certificate card reading device and receiving resident certificate card information sent by the resident certificate card reading device;
the resident identification card reading device comprises the resident identification card reading device of any one of the above claims 11 to 19;
and the first resident certificate card verification safety control device is used for receiving the request sent by the resident certificate card reading device and executing the operation corresponding to the request.
22. The system of claim 21, further comprising: a storage device and/or a display device; the terminal and/or the resident certificate card reading device are also used for sending the resident certificate card information to the storage device and/or the display device; the storage device is used for storing the resident certificate card information; and the display device is used for displaying the resident certificate card information.
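As an added illustration (not part of the patent text), the following Python sketch shows one way a verification security control device could check the identifier, timestamp and count value that claim 11 places in the card-searching request, together with the first identity authentication data of claims 2 and 12. The HMAC-SHA256 construction, the pre-shared per-reader key, the 30-second freshness window and every function and field name are assumptions; the claims do not specify them.

```python
import hashlib
import hmac
import struct

MAX_SKEW_SECONDS = 30  # assumed freshness window; the claims give no value


def encode_fields(serial: str, timestamp: int, counter: int) -> bytes:
    """Serialise the request fields unambiguously before computing the MAC."""
    s = serial.encode("utf-8")
    # Length-prefix the serial number so field boundaries cannot be shifted.
    return struct.pack(">H", len(s)) + s + struct.pack(">QQ", timestamp, counter)


def build_card_search_request(serial: str, key: bytes,
                              timestamp: int, counter: int) -> dict:
    """Reader side: identifier + timestamp + count value, bound by a MAC.

    The MAC stands in for the 'first identity authentication data'
    (assumed form; the patent does not define its contents).
    """
    tag = hmac.new(key, encode_fields(serial, timestamp, counter),
                   hashlib.sha256).digest()
    return {"serial": serial, "timestamp": timestamp,
            "counter": counter, "auth": tag}


class VerificationDevice:
    """Hypothetical stand-in for the verification security control device."""

    def __init__(self, reader_keys: dict):
        self._keys = dict(reader_keys)   # reader serial number -> shared key
        self._last_counter = {}          # reader serial number -> highest count seen

    def check_card_search_request(self, req: dict, now: int) -> str:
        key = self._keys.get(req["serial"])
        if key is None:
            return "reject: unknown reader"

        # 1. Authenticate first, so unauthenticated input never touches state.
        expected = hmac.new(
            key,
            encode_fields(req["serial"], req["timestamp"], req["counter"]),
            hashlib.sha256,
        ).digest()
        if not hmac.compare_digest(expected, req["auth"]):
            return "reject: bad authentication data"

        # 2. The timestamp bounds how long a captured request stays usable.
        if abs(now - req["timestamp"]) > MAX_SKEW_SECONDS:
            return "reject: stale timestamp"

        # 3. The count value must strictly increase per reader, which
        #    rejects a replay that arrives inside the freshness window.
        if req["counter"] <= self._last_counter.get(req["serial"], -1):
            return "reject: replayed count value"

        # Only an accepted request advances the stored count value.
        self._last_counter[req["serial"]] = req["counter"]
        return "accept"


if __name__ == "__main__":
    # Constructed sample values, not taken from the patent.
    key = b"\x01" * 32
    device = VerificationDevice({"READER-0001": key})
    request = build_card_search_request("READER-0001", key, 1_000_000, 1)
    print(device.check_card_search_request(request, now=1_000_005))
    print(device.check_card_search_request(request, now=1_000_006))
```

Checking the count value only after the MAC verifies means a forged request cannot advance the stored count and lock out the genuine reader.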
Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201610780408.4A CN106372547B (en) 2016-08-30 2016-08-30 Method and system for reading resident certificate card information and resident certificate card reading device

Publications (2)

Publication Number Publication Date
CN106372547A CN106372547A (en) 2017-02-01
CN106372547B true CN106372547B (en) 2021-07-16

Family

ID=57899179

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201610780408.4A Active CN106372547B (en) 2016-08-30 2016-08-30 Method and system for reading resident certificate card information and resident certificate card reading device

Country Status (1)

Country Link
CN (1) CN106372547B (en)

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant
TR01 Transfer of patent right

Effective date of registration: 20220414

Address after: Tiantianrong building, No. 1, Zhongguancun, Beiqing Road, Haidian District, Beijing 100094

Patentee after: TENDYRON Corp.

Address before: 100086 room 603, building 12, taiyueyuan, Haidian District, Beijing

Patentee before: Li Ming
